MOVEit hack impacts US financial services provider for academics

U.S. nonprofit financial services firm for academics Teachers Insurance and Annuity Association of America was confirmed to be compromised in the widespread Cl0p ransomware attack involving the exploitation of a vulnerability in the MOVEit Transfer file transfer software by Connecticut-based Trinity College and Vermont-based Middlebury College, both of which reported data breaches as a result of the ransomware attack against TIAA, TechCrunch reports. While both colleges disclosed that their systems were not impacted by the MOVEit hack, information shared with TIAA may have been compromised. Middlebury also confirmed a breach of student data from the MOVEit attack against the National Student Clearinghouse. Meanwhile, no direct impact from the MOVEit attack was noted by TIAA, which reported that it had been breached due to a successful compromise at its third-party auditing and beneficiary location services provider Pension Benefit Information. "No information was obtained from TIAA's systems and TIAA systems were not at risk from the MOVEit Transfer vulnerability. We have not observed any related unusual activity from this event involving TIAA accounts," said TIAA spokesperson Chad Peterson.