University System of Georgia Data Breach

What Happened?

On May 28, 2023, the University System of Georgia (USG) experienced a significant data breach due to a vulnerability in the MOVEit® Secure File Transfer software provided by Progress® Software. This vulnerability was exploited by a cybercriminal group known as CL0P, resulting in unauthorized access to sensitive files stored on the MOVEit® platform used by USG and other entities worldwide.

The breach was promptly detected, and USG took immediate action by blocking the compromised software on May 31, 2023. An update and security measures were swiftly implemented following guidance from Progress® Software and the Cybersecurity and Infrastructure Security Agency (CISA). USG has since conducted a thorough investigation to identify the individuals whose information may have been compromised.

Information Exposed

The data accessed by the cybercriminals included a range of personal information, potentially putting affected individuals at risk of identity theft and fraud. The exposed data may comprise:

• Full or partial Social Security Numbers (including the last four digits)
• Dates of Birth
• Bank account numbers
• Federal income tax documents containing Tax ID numbers

Immediate Steps Taken

In response to this incident, USG has been proactive in safeguarding against future breaches. The software has been updated and secured, and an extensive investigation was launched to ascertain the scope of the breach. USG is also providing affected individuals with complimentary access to Experian IdentityWorksSM for a specified term to help monitor and protect their identity.

What You Can Do

If you suspect that your information was part of this breach, it is crucial to act promptly to minimize potential damage. Here are some recommended steps:

1. Visit the Federal Trade Commission's website for guidance on protecting yourself from identity theft.
2. Enroll in the free credit monitoring service offered by Experian using the activation code provided by USG before the enrollment deadline of July 31, 2024.
3. Consider placing a security freeze on your credit files with the major consumer reporting agencies, which can be done free of charge.

Additional Resources and Assistance

USG is offering comprehensive support to those impacted, including identity restoration services through Experian. For more details on how to utilize these services or if you require alternative enrollment methods, please contact Experian’s customer care team at 833-918-1243 and provide the engagement number mentioned in the notice.

For further information, you may also refer to the disclosure on the California Attorney General's website.

USG sincerely regrets any inconvenience or concern this incident may have caused and is committed to maintaining the privacy and security of personal information. If you have additional questions or concerns, you are encouraged to reach out using the contact information provided in the notice.