- RSU Notified of Third-Party Vendor Data Breach
Update as of 8/16/23:
As a result of the data breach earlier this year involving the National Student Clearinghouse (NSC) and MoveIt Transfer, RSU has confirmed that the NSC breach impacted data from some of our current and former students. According to NSC, the only data affected in the breach for RSU students involved a list of student names. This means that, per the information RSU has received from NSC, no social security numbers, no student ID numbers, no birthdays, or any other information apart from student names were exposed in the data breach.
The RSU Registrar’s Office has received a list of all students impacted by this breach. To determine whether your name was included in the data breach, please contact the Office of the Registrar at [email protected] or 918-343-7552. For more information on the NSC cybersecurity incident, visit alert.studentclearinghouse.org. Students who have further questions may email NSC at [email protected].
Originally posted 7/14/23:
Rogers State University has been notified by one of our vendors, the National Student Clearinghouse (NSC), that they were impacted by a cybersecurity event involving MOVEit Transfer, a third-party tool used by the NSC. The university is working to determine the impact on RSU student information. The University is also aware that data with Teachers Insurance and Annuity Association (TIAA) was also affected by the same breach and RSU is working to determine whether any employee or retiree data was affected.
While no RSU I.T. systems were affected by the breach, information shared using MOVEit Transfer could be compromised, potentially enabling unauthorized access to personally identifiable data, including Social Security numbers and dates of birth.
The U.S. Department of Education requires RSU, along with approximately 3,600 other colleges and universities nationwide, to use NSC, which transfers data via MOVEit to the National Student Loan Data System. TIAA, which manages some current and former RSU employee retirement accounts, was impacted by a breach at one of its third-party vendors using MOVEit Transfer. The vendor, Pension Benefit Information, is used by TIAA for auditing and beneficiary location services.
NSC and TIAA are conducting investigations to determine the extent of the breach. At this time, neither NSC nor TIAA has provided RSU with more specific information about what records were impacted by this breach.
RSU takes the privacy of our students’ and employees’ information very seriously, so we are providing this notice directly to you. Notices may also be provided by NSC and TIAA. For more information on the NSC cybersecurity incident, visit alert.studentclearinghouse.org. Students who have questions may email NSC at [email protected]. For more information on the TIAA cybersecurity incident, employees and retirees may direct questions to their assigned TIAA representative.
Office of the Registrar
Rogers State University’s Office of the Registrar is committed to exceeding student’s and parent’s expectations for service. Our goal is to provide services, in person and online, that meet your needs. We are dedicated to you and strive to ensure that our service is second to none.
Alaina Sprague
Assistant Registrar
Bradley Hammond
Registrar