The University System of Georgia (USG) has confirmed a significant data breach that occurred in May 2023, affecting the personal information of approximately 800,000 individuals.
The breach is attributed to the exploitation of a zero-day vulnerability in Progress Software’s MOVEit file transfer solution by the Clop ransomware gang.
The compromised data includes:
- Full or partial Social Security Numbers
- Dates of birth
- Bank account numbers
- Federal tax documents
USG initiated the notification process in April 2024, nearly a year after the breach. The delay is attributed to a lengthy investigation conducted with the assistance of the FBI and CISA.
Affected individuals, including students, faculty, and staff within the USG system, are urged to closely monitor bank accounts and credit reports for signs of fraudulent activity. Implementing additional security measures such as credit freezes is also recommended.
