Important information about the recent cyberattacks on National Student Clearinghouse, TIAA & Corebridge Financial
Dear UAlbany Community,
We are reaching out to you about cyberattacks involving MOVEit Transfer software that have impacted many organizations across the country, including three that we work with – the National Student Clearinghouse (NSC), TIAA and Corebridge Financial.
Each of these organizations has alerted us to the possibility that the personal information of UAlbany students, former students, employees, and retirees may have been impacted by these cyberattacks.
TIAA and Corebridge provide retirement planning and investment services for some employees. The NSC is a non-profit organization that provides data services to numerous educational institutions and other organizations, including required student financial aid reporting to the federal government.
Each of these organizations is responsible for investigating the scope of the potential breach, identifying the individuals whose information may have been exposed and notifying them directly. If you receive a notification from NSC, TIAA or Corebridge, please follow their instructions. In the meantime, we recommend that you err on the side of caution and use your right to a free annual credit report from each of the major credit reporting companies: Experian, Equifax or TransUnion.
The NSC has posted more information about the incident’s impact on their organization on its website.
It is important to note that no UAlbany networks or systems were affected by the cyberattack. Data involved in this incident was only accessible through NSC, TIAA and Corebridge systems; the University’s networks remain secure.
At this time, the University has no additional information to share about the incident impacting these organizations. Nevertheless, we understand that this news may be concerning and want to assure you that we are working closely with SUNY to monitor developments and ensure all necessary steps are being taken to safeguard our networks and the data they contain.
Chief Enterprise Risk Management & Compliance Officer
Chief Information Security Officer