Earlier this week, DataBreaches reported that Imagine360 had the unfortunate experience of discovering that two of their file-sharing platforms had both suffered breaches within days of each other: Citrix and Fortra/GoAnywhere.
Today we bring you another double-whammy scenario. But in this one, it’s not two different platforms being breached within days of each other. This time, it’s two different vendors both falling prey to the MOVEit breach.
On June 29, Middlebury College in Vermont announced that both National Student Clearinghouse (NSC) and The Teachers Insurance and Annuity Association (TIAA) notified Middlebury that the college’s data had been caught up in the MOVEit breach by Clop. Middlebury shares student information with NSC and employee information with TIAA.
You can read Middlebury’s notice on its website, but DataBreaches suspects that we are going to hear of many more victims who may each have two or more vendors alerting them that their data was compromised in the GoAnywhere breach and/or the MOVEit breach. The mind boggles at the thought of so many victims having to deal with two investigations and incident response.