July 10, 2023
Colleges across the U.S. — from Middlebury College in Vermont to the University of California, Los Angeles — say they’ve been swept up in the cyberattack exploiting a security vulnerability in Progress Software’s MOVEit service, which enables organizations to transfer large data files.
Clop, a ransomware group, has taken responsibility for the attacks on the dark web, claiming to have stolen data from hundreds of organizations. Prior to Clop’s latest attacks, government officials estimated the group had compromised over 3,000 organizations in the U.S. — and even more based elsewhere.
The attacks have fallen heavily on the education sector, where widely used vendors have confirmed breaches linked to the MOVEit vulnerability. Some individual colleges that use MOVEit software say they have also been affected.
Below, we’re rounding up some of the major higher education groups and colleges that have confirmed cybersecurity incidents related to the MOVEit breach.