National Data Breach
Dear campus community,
[Garden City, KS] July 12, 2023 -- We are writing to inform the Garden City Community about a privacy breach that has impacted multiple organizations and institutions of higher education across the U.S., including two external service providers with which GCCC partners, The National Student Clearinghouse (NSC) and TIAA. It is important to note that no systems maintained by Garden City Community College were breached. To date, the College has received notification from NSC concerning a possible impact to GCCC Students. We have not received any notification from TIAA concerning impact to Faculty or Staff.
This data breach involves a vulnerability in MOVEit, a widely used data transfer software. At this time, neither NSC nor TIAA have shared specifics about the data that may have been compromised. In addition, no communications have been received from Progress Software, the company that owns MOVEit.
However, we know that the data shared with NSC and TIAA includes personally identifiable information such as Social Security numbers and dates of birth. Currently, the extent of the breach and the specific impact on GCCC Students, Faculty and Staff is unclear. Still, we expect NSC, TIAA, and/or Progress Software will directly contact any affected individuals with information regarding next steps.
While we do not have any information regarding malicious use of the compromised data, we want to share the following recommendations to protect your personal information.
Monitor your accounts: Regularly review your financial and online accounts for any unauthorized activity.
Change Passwords: If you have used the same password across multiple accounts, we strongly advise changing your passwords immediately. Choose unique and strong passwords for each account.
Enable Two-Factor Authentication: Activate two-factor authentication wherever available, as it provides an extra layer of security.
Be Vigilant with Phishing Attempts: Stay alert for suspicious emails or messages that may attempt to deceive you into sharing personal information. Avoid clicking on links or downloading attachments from unknown sources.
In summary, this data breach did not involve Garden City Community College systems. Our Information Security Incident Response Team, comprised of members of IT, staff, and administrators in various divisions, has been meeting frequently. This team will continue to monitor the situation actively and provide updates as warranted. If you have any questions or concerns, please do not hesitate to email ithelpdesk@gcccks.edu.
- Sincerely,
- Lance M. Miller
- Executive Information Officer