As reported in the news late last week, a major data breach is affecting millions of people across the country. The breach involved exploiting a security vulnerability with the file transfer tool MOVEit, which is used by several organizations that work alongside Pace University.
Pace does not use the MOVEit software, however, we have been notified by our service providers, National Student Clearinghouse (NSC) and Teachers Insurance and Annuity Association (TIAA), that personally identifiable information may have been exposed due to the use of the MOVEit software by the providers and/or their third-party vendors and partners.
Based on the information that we’ve received to date, the breach does not affect the entire Pace Community. The University is working with TIAA and NSC to determine the scope and extent of the potential exposure to the Pace Community.
What Should You Do?
Those who were directly impacted by the breach will be contacted by the vendors with more information about next steps. Regardless of whether your data was exposed, it is good practice to institute the following steps to manage your personal data:
The Pace team—which includes members from ITS, Human Resources, the Office of the Registrar, University Counsel, among others—is actively assessing the situation. Please stay tuned to both your Pace and personal email accounts for information from TIAA and/or its vendor Pension Benefit Information (PBI), and NSC.