Colorado State University (CSU) has confirmed that sensitive personal information of current and former students and employees was stolen in a recent data breach.
The breach was the result of a compromise of the MOVEit Transfer security file transfer platform, which is used by many universities across the United States.
The stolen data includes first name, middle initial, last name, date of birth, student or employee identification numbers, social security number, and demographic information such as gender, ethnicity, and level and area of education.
CSU is currently investigating the extent of the breach and will be sending out individual notification letters to those who have been affected. In the meantime, the university is advising all community members to remain vigilant and report suspected identity theft incidents to the university and law enforcement authorities.
No identity theft protection service coverage is offered to CSU members, who are recommended to follow the advice published by the Federal Trade Commission (FTC).
The FTC recommends that individuals take the following steps to protect themselves after a data breach:
- Place a fraud alert on your credit report.
- Monitor your credit report for any unauthorized activity.
- Place a credit freeze on your credit report.
- Consider signing up for an identity theft protection service.
- Report any suspicious activity to your financial institutions and the FTC.
CSU is taking steps to improve the security of its systems and to prevent future data breaches. The university is also working with the affected vendors to investigate the breach and mitigate the impact on its community members.
