Important Update: National Data Breach Concerning University Accounting Service and National Student Clearinghouse
SEPTEMBER 7, 2023
Connecticut Higher Education Supplemental Loan Authority (CHESLA) continues to gather more information from University Accounting Service (UAS) and National Student Clearinghouse (NSC) regarding a recent security breach involving the MOVEit Transfer tool and the effect of that breach on our customers.
We have been notified by UAS, as one of CHESLA’s service providers, that its partner, National Student Clearinghouse (NSC) discovered that certain personally identifiable information and data of some of our customers may have been impacted by the MOVEit Transfer tool data breach that is affecting millions across the country.
CHESLA does not use the MOVEit Transfer tool and is not responsible for this data breach. UAS has assured CHESLA that any affected community member will be formally notified directly and provided information about next steps and whom to contact for inquiries. For those impacted, bear in mind that it is possible that the data in question could have been provided by another institution that uses the services of UAS or NSC, and you might receive multiple notices.
Safety Precautions You Can Take Now: This unfortunate situation is a reminder that you can take precautionary steps sooner rather than later to protect yourself from data breaches. Regardless of whether your data was exposed in this incident, it is good practice to institute the following steps:
- Frequently review your financial accounts. See the FTC’s “warning signs of identity theft.”
- Check your credit report at annualcreditreport.com.
- Consider placing a credit freeze on your credit report, with each of the three credit reporting agencies—Equifax, Experian, and TransUnion.
- Students should consider enrolling in an identity theft protection service such as TrueIdentity from TransUnion.
Regarding UAS: UAS is a student loan billing service provider. UAS partners with colleges, universities, and financial institutions across the country to assist with administering and billing of federal and private student loans. UAS has informed CHESLA that the incident involves NSC, a vendor that UAS uses for compliance reporting and verification and that uses the MOVEit Transfer tool.
Regarding NSC: NSC provides required compliance reporting, data exchange, verification, and research services to many loan billing service providers. NSC shared more information on their website