MOVEit software cyberattack notification

By

CSU Sytem logo
Editor’s note: This letter was sent to the CSU System community on July 12.

CSU System community members,

I am writing to inform you of a cyberattack against third-party organizations that have a relationship with many corporations and institutions of higher education across the country, including the Colorado State University System, which potentially has resulted in unauthorized access of personal information of some members of our community.

No systems operated or maintained by the CSU System or the CSU campuses were breached. We are providing this information so everyone in our community can take steps to protect their personal information.

TIAA, National Student Clearinghouse, Corebridge Financial, Genworth Financial, Sunlife, and The Hartford have notified CSU that they were impacted by the global attack against the MOVEit Transfer software. MOVEit allows exchange of data files with clients across the world. We’ve been informed that the data breach may involve data for some current employees and students, as well as former employees and students dating back to at least 2021.

We will continue working with these vendors to gauge the full impact of the cyberattack. As of July 12, more than 280 organizations, including many universities, have been impacted by the MOVEit security event.

Our team is following this situation closely and will post updated information as we have it to a CSU System webpage with information to help you mitigate your personal risk and keep you informed with the latest information we’re working to gather from the affected vendors. Regardless of whether you are impacted by this cyber event, you can take steps to protect your personal data.

While this cyberattack involves third-party vendors and university systems were not compromised, it is a reminder of the importance of cybersecurity at CSU System institutions. If you have questions about keeping data safe, please contact your university or System information technology expert.

Our Division of IT and the entire university system will continue prioritizing the security of your personal data and keep you updated via the website on future developments.

Thank you,

Brandon Bernier
Chief Information Officer, CSU System
Vice President for Information Technology

Tags assigned to this story

CSU Systemdata securityDivision of Information Technology

CSU MarComm Staff

More posts by CSU MarComm Staff