Schools' Teachers Retirement Fund Targeted in MOVEit Hackers Attack

Millions Affected by MOVEit Mass-Hacks as List of Casualties Continues to Grow

Cybersecurity Experts Sound Alarm as Number of Victims Surpasses 160

In a growing cybersecurity concern, two U.S. schools have confirmed that TIAA, a nonprofit organization providing financial services for individuals in academic fields, has been caught up in the mass-hacks targeting MOVEit file transfer tools.

Middlebury College in Vermont and Trinity College in Connecticut both released security notices confirming they experienced data breaches as a result of a security incident at the Teachers Insurance and Annuity Association of America (TIAA).
What is TIAA?: According to its website, TIAA serves more than five million active and retired employees participating at over 15,000 institutions and manages $1.3 trillion in assets in over 50 countries.

The MOVEit Hack: A Widespread Cybersecurity Incident

Both security notices confirm that TIAA was affected by hackers’ widespread exploitation of a flaw in MOVEit Transfer, an enterprise file transfer tool developed by Progress Software.

Chad Peterson, a spokesperson for TIAA, stated that the organization wasn’t directly impacted by MOVEit but was also impacted by a breach at one of its third-party vendors using MOVEit Transfer.
The vendor, named Pension Benefit Information (PBI), is used by TIAA for auditing and beneficiary location services. Peterson assured that no information was obtained from TIAA’s systems, and TIAA systems were not at risk from the MOVEit Transfer vulnerability.

The Mass-Hack Continues to Spread

So far, more than 160 victims have been claimed, including:

Emsisoft threat analyst Brett Callow: "The mass-hack has so far claimed more than 160 victims."
U.S. Department of Health and Human Services (HHS): One of the organizations affected by the MOVEit hack.
Siemens Energy: Another organization impacted by the widespread cybersecurity incident.

Trinity College and Middlebury College Affected

Trinity College, which uses TIAA as the record keeper for its annuity plan, stated that while its own systems were unaffected by the MOVEit hack, "TIAA, with whom Trinity shares student employee data, has announced that its files may be impacted."
The college shared Social Security numbers and dates of birth with TIAA.
Middlebury College said it had also been notified by TIAA, with whom it shares personally identifiable information, that data belonging to the college had been exposed due to the cyberattack.

The Full Extent of the Breach Unknown

While TIAA has notified affected schools of its security incident, the organization has yet to publicly acknowledge the incident. In response to a Twitter user questioning the organization’s silence, TIAA responded saying that its offices were closed.

How many organizations have been impacted?: It’s not yet known how many organizations have been impacted as a result of the cyberattack on TIAA.
The dark web leak site: TIAA has not yet been listed on the dark web leak site of the Russia-linked Clop ransomware gang, which has claimed responsibility for the ongoing MOVEit cyberattacks.

Security Experts Sound Alarm

Cybersecurity experts are sounding alarm as the number of victims continues to grow. "Millions affected by MOVEit mass-hacks," tweeted Emsisoft threat analyst Brett Callow. The incident highlights the importance of robust cybersecurity measures and regular updates to prevent similar incidents in the future.