The figures for the MOVEit data breach continue to rise to alarming heights. The Record reports:
The National Student Clearinghouse (NSC) reported that nearly 900 colleges and universities across the U.S. had data stolen during attacks by a Russia-based ransomware gang exploiting the popular MOVEit file-sharing tool.
The nonprofit manages educational reporting, data exchange, verification, and research services for 3,600 colleges and universities as well as 22,000 high schools.Clop.
Emsisoft, which has been tracking the MOVEit breach since it was first disclosed, currently shows that 2,098 entities have been affected and 62,054,613 individuals. This makes the Progress software breach possibly the largest breach of 2023.
While NSC disclosed the breach on behalf of 890 colleges and schools, that is not necessarily the total number of schools and colleges they notified. Some schools and colleges may have decided to notify states and individuals on their own, and even the notification to California does not indicate how many individuals were being notified for those schools.
Some additional details can be found in the reporting by The Record.