Student data at risk from cyber attack on National Student Clearinghouse


By Maaike Niekerk, Summer Editor

According to a Massmail sent out on Monday, various institutions — including the University of Illinois — were targeted in a cyber attack on May 31.

The email, sent by Executive Vice President and Vice President of Academic Affairs Nicholas Jones and Chief Digital Risk Officer Joe Barnes, said that “personal data of students may have been obtained by an unauthorized party” in this attack.

The University was notified of the attack by the National Student Clearinghouse (NSC) this week. 

This personal student data was obtained by the unauthorized party “exploiting a vulnerability in a software product that assists in transferring data files,” the email said. NSC quickly shut down access to this data after identifying the vulnerability. 

NSC, a nonprofit and nongovernmental organization, “relieves the administrative burdens and costs related to student data reporting and exchange,” and is used by 3,600 different colleges and universities, according to their website.

    Sign up for our newsletter!

    The email said that at this time, there is no indication that any compromised information has been used fraudulently, but NSC is continuing to look into the situation.

    Individuals whose data was accessed will receive a direct notification from NSC. 

    An FAQ section was included in the email, which clarified the role of NSC in the situation as well as additional information about the data that may have been accessed.

    Additionally, the University provided tips for protection from identity fraud, including ordering a free annual report from major credit reporting companies and contacting the Federal Trade Commission.

    [email protected]