Hundreds of US schools compromised following ransomware hack

News
By published

Non-profit servicing hundreds of schools breached

A white padlock on a dark digital background.
(Image credit: Shutterstock.com)

The National Student Clearinghouse has become the latest major victim of the infamous MOVEit managed file transfer breach. 

However, the problem is - this organization is a service provider, servicing thousands of high schools and colleges across the US, and as a result, almost 900 schools have had sensitive data taken.

In a breach notification letter posted on the website of the Office of the California Attorney General, the National Student Clearinghouse confirmed the breach and detailed which information was taken.

Hundreds of victims

“After learning of the issue, we promptly initiated an investigation with the support of leading cybersecurity experts. We have also coordinated with law enforcement. Through our investigation, on June 20, 2023, we learned that an unauthorized party obtained certain files from the MOVEit tool. The issue occurred on or around May 30, 2023,” the notice reads.

“The relevant files obtained by the unauthorized third party included personal information such as name, date of birth, contact information, Social Security number, student ID number, and certain school-related records (for example, enrollment records, degree records, and course-level data). The data that was affected by this issue varies by individual.”

The National Student Clearinghouse is a non-profit organization providing educational reporting, verification, and research services to colleges and universities in North America. More than 3,600 colleges and universities are part of this network, as are some 22,000 high schools.

The organization said it patched its MOVEit instance and placed additional monitoring capabilities on its endpoints. At the same time, it gave the victims two years of identity monitoring services. 

The National Student Clearinghouse is just the latest in a long string of victims of a supply chain attack that started with the breach of MOVEit.

MOVEit is a managed file transfer service used by hundreds of organizations and corporations, both in the private and public sectors. It was compromised by a known ransomware actor - Cl0p. Infosecurity Magazine says, citing experts, that the threat actor could make as much as $100 million by extorting the victims of the breach, without breaking a sweat.

Via Infosecurity Magazine

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
How to prevent cyberattacks
PowerSchool breach worse than thought, company says "all" student and teacher data accessed
Data leak
US utility giant says MOVEit hack exposed stolen data
A digital representation of a lock
PowerSchool hit by cyberattack which saw student and teacher data stolen
Lock on Laptop Screen
Clop ransomware lists Cleo cyberattack victims
security
PowerSchool hack keeps getting worse - 62 million students now thought to be affected
ID theft
Over a million patients potentially hit after another US healthcare provider hit by cyberattack
Latest in Security
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
URL phishing
HaveIBeenPwned owner suffers phishing attack that stole his Mailchimp mailing list
Ransomware
Cl0p resurgence drives ransomware attacks to new highs in 2025
Google Chrome
Google Chrome security flaw could have let hackers spy on all your online habits
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Data leak
A major Keenetic router data leak could put a million households at risk
Latest in News
A young woman is working on a laptop in a relaxed office space.
I’ll admit, Microsoft’s new Windows 11 update surprised me with its usefulness, providing accessibility fixes, a gamepad keyboard layout, and PC spec cards
inZOI promotional material.
inZOI has become the most wishlisted game on Steam, but I wouldn't get too caught up in the hype
Xbox Series X and Xbox wireless controller set to a green background
Xbox Insiders are currently testing a new Game Hub feature that looks useful, but I've got mixed feelings about it
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
Nespresso Vertuo Pop machine in Candy Pink with coffee drinks and capsules
My favorite Nespresso coffee maker just got a fresh new makeover, and now I love it even more
Microsoft Surface Laptop and Surface Pro devices on a table.
Hate Windows 11’s search? Microsoft is fixing it with AI, and that almost makes me want to buy a Copilot+ PC
More about security
Google Chrome

Google Chrome security flaw could have let hackers spy on all your online habits
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.

Broadcom warns of worrying security flaws affecting VMware tools
A young woman is working on a laptop in a relaxed office space.

I’ll admit, Microsoft’s new Windows 11 update surprised me with its usefulness, providing accessibility fixes, a gamepad keyboard layout, and PC spec cards
See more latest
Most Popular
A young woman is working on a laptop in a relaxed office space.
I’ll admit, Microsoft’s new Windows 11 update surprised me with its usefulness, providing accessibility fixes, a gamepad keyboard layout, and PC spec cards
inZOI promotional material.
inZOI has become the most wishlisted game on Steam, but I wouldn't get too caught up in the hype
Google Chrome
Google Chrome security flaw could have let hackers spy on all your online habits
Xbox Series X and Xbox wireless controller set to a green background
Xbox Insiders are currently testing a new Game Hub feature that looks useful, but I've got mixed feelings about it
Render of a new RTX 4000 Max-Q gaming laptop.
I can't say I'm surprised, but Nvidia's RTX 5090 laptop GPU has a big performance leap over its predecessor, according to early benchmarks
Nespresso Vertuo Pop machine in Candy Pink with coffee drinks and capsules
My favorite Nespresso coffee maker just got a fresh new makeover, and now I love it even more
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
Apple Music on a tablet, showing a new Listening Guide feature
Apple Music Classical just got 3 excellent perks in its biggest upgrade since launch
Google Pixel Buds Pro 2
Cleaned your Pixel Buds Pro 2 recently? If not, you might be getting worse sound
Quick move in Civ 7.
Sid Meier's Civilization 7 update 1.1.1 is here and it finally adds a setting that I've wanted since day one