Published on August 8, 2023
John A. Logan College has been notified by the National Student Clearinghouse (NSC) of a recent data breach. The security breach stems from a vulnerability in the MOVEit Transfer tool, used by the Clearinghouse and many other organizations to transfer data files. John A. Logan College does not use the MOVEit Transfer tool. The Clearinghouse has taken immediate action, including implementing patches and working with cybersecurity experts. NSC believes that an unauthorized party may have accessed certain files containing personal data maintained by the Clearinghouse on behalf of higher educational institutions. The Clearinghouse is reviewing the affected files and will provide additional information on the impact, including a list of individuals and the data types affected. It is important to note that no systems operated or maintained by John A. Logan College were breached, as this incident is localized to the National Student Clearinghouse systems.
The Department of Education requires John A. Logan College to report student data to NSC for financial aid compliance and enrollment reporting purposes. The extent of the NSC breach and the specific impact on students remains unclear. However, it is crucial to acknowledge that some of the data maintained by NSC includes personally identifiable information (PII), such as social security numbers and date of birth. NSC is conducting a comprehensive investigation to determine the scope of the breach and identify the affected individuals. Once NSC completes its investigation, National Student Clearinghouse will notify any impacted students promptly.
Please be aware that this breach encompasses multiple organizations and higher education institutions across the United States. Consequently, the investigation is expected to be extensive and may require significant time before its completion. NSC has indicated that every effort is being made to expedite the process and provide you with the necessary information as soon as possible.
While the College awaits further updates, NSC recommends implementing the following safeguards to protect your personal information.
Monitor credit cards and bank accounts: Regularly review your accounts and promptly report any suspicious activity to your financial institution. Be vigilant for unexplained payments, unexpected notifications from your bank, or calls claiming to be your bank. Additionally, consider setting up email notifications for credit card purchases.
Place fraud alerts and credit freeze: Take proactive measures by requesting fraud alerts and credit freeze with major credit bureaus. This can help safeguard against identity theft or further misuse of your personal information if it is compromised. Further information on these measures can be found at the following link: [https://consumer.ftc.gov/articles/what-know-about-credit-freezes-fraud-alerts].
Exercise caution with suspicious emails or communications: Refrain from opening or clicking on links in emails, texts, or messages from unknown individuals. Scammers are becoming increasingly sophisticated in their tactics. Exercise caution if you receive messages (via email, text, Facebook Messenger, etc.) asking for your password, prompting for Multifactor Authentication (MFA), or requesting your one-time passcode. Regardless of the consequences they may threaten, it is unlikely to be true.
Update passwords: It is advisable to create longer passwords, preferably with a minimum of 12 characters. Always use unique passwords for each website or application you access. Whenever possible, enable Multifactor Authentication (MFA) for an added layer of security.
The privacy, safety, and security of our students, alumni, families, and employees are paramount at John A. Logan College. The College will monitor the situation closely and provide updates as they become available.
More information can be found on the NSC website https://alert.studentclearinghouse.org/