Over 800,000 (and counting) students, faculty, and staff at the University System of Georgia (USG) are now part of the growing list of victims of a data breach within the education sector. The Russian-linked hacking group, Clop (aka cl0p), recently included USG in the ongoing year-long breach of MOVEit file transfer software and its clients. The personally identifiable information (PII) of more than 77 million people has been exposed in the wake of continuing attacks worldwide.

USG is the latest of more than 2,600 organizations victimized globally by the MOVEit breach. In particular, Clop’s MOVEit attacks focus on higher education and small-to-medium sized businesses (SMBs). Historically, both groups lack the resources needed for a strong cyber-defense, making them prime targets for ransomware and other devastating attacks.

According to findings by Emsisoft, the U.S. represents 78.1% of those affected by Clop’s massive and persistent MOVEit data breach. They note Canada is second behind the U.S. with 14% of attacks, Germany with 1.4% and the UK with 0.8%.

Education in The Crosshairs

Education in general is under attack by cybercriminals, with USG as one of the largest systems in the country. It represents 26 public universities and colleges and more than 333,000 students. According to USG, some of the hijacked PII includes names, physical and email addresses, phone numbers, Social Security numbers, salary and benefit data, among other highly sensitive information.

Emsisoft reports the education sector is most targeted by Clop’s MOVEit breach, representing 40.6% of all reported attacks. Other victims include the health sector at 19.2%, and professional and finance services at 12.1%. With education victims leading the pack, it’s a symptom of the ongoing trend of cyberattacks against these institutions.

Data Treasure Troves

File transfer services like MOVEit are increasingly targeted due to the vast amount of data their servers hold. Sensitive PII is a goldmine for hackers who use and/or sell the data for their own financial gain. The information-linked services offered by MOVEit and others like them gives incentive to attackers looking for a jackpot of lucrative information.

USG is notifying victims, offering them free credit monitoring, and identity protection services. Whenever free credit monitoring is offered, it’s a good plan to take advantage of it. Just remember that it won’t prevent someone from using the information for fraud; the service will merely alert you that someone is trying.

USG also immediately applied security patches available for the MOVEit flaw, but many organizations using the service have yet to follow suit. Waiting to use security patches is a lesson in “what not to do” taught in Cyber-Education 101. Class dismissed!