University of Missouri Data Breach

The University of Missouri hosts around 30,000 students with 17,000 staff members and spans four campuses. Mizzou is the most recent breach announcement involving the MOVEit transfer application’s zero-day vulnerability; the MOVEit breach has impacted thousands of consumers worldwide.

What Was the Breach?

• Social Security Numbers

How Did the Breach Occur?

The MOVEit zero-day vulnerability has been a glaring target for bad actors for months. In August, Mizzou announced a data leak from a provider and public clearing house. This recent breach was not through a provider but through Progress Software, which oversees MOVEit transfer files.

When Did This Breach Occur?

Progress Software notified Mizzou of the possibility of a breach on May 31st, 2023. Mizzou immediately conducted a manual review of their information and concluded that suspicious activity may have happened on or around September 7th. On October 20th, Mizzou sent breach notifications to impacted parties. The institution then notified the Maine Attorney General of the events.

Who Does the Breach Impact?

Mizzou’s breach notification does not state who may feel the impact of the cyber event. Instead, it says the addressed individual had “personal information in the affected data set.” Simultaneously, the Maine filing states the breach may have impacted 118,000+ people; given their lower student population, it’s likely that many associated parties had leaked information in the attack.

How Many Files Does the Breach Affect?

The number of infected files is not public; despite this, Mizzou’s notice suggests that impacted parties immediately consult with identity and financial monitoring services. We suggest all associates, alums, students, staff, contractors, donors, and associates watch their personal information scrupulously for suspicious activity.