The College received notification that one of TIAA’s third-party vendors has been affected by the MOVEIt security vulnerability. TIAA confirmed that there are some individuals affiliated with the College whose personal information was involved.
The Teachers Insurance and Annuity Association (TIAA) is a financial organization that provides investment and insurance services for those working for organizations in the nonprofit industry in academic, research, medical, government, and cultural fields. TIAA administers the College’s 403(b) retirement plan.
Updates
Sent to ZWDfaculty, ZWDStaff, ZWDRetirees
Dear Colleagues,
The College received notification from TIAA that one of its third-party vendors has been affected by the MOVEIt security vulnerability. TIAA confirmed that there are some individuals affiliated with the College whose personal information was involved.
TIAA is the latest organization reporting that it has been impacted by the vulnerability in the MOVEIt file transfer application that has been covered in national and technology media. Wednesday evening, I wrote that the National Student Clearinghouse (NSC) notified us that some of the student data we provides to them was accessed in a similar incident.
TIAA has indicated that the personal information that is part of the incident is first and last name, address, date of birth, gender, and Social Security Number.
Pension Benefit Information, LLC (“PBI”), TIAA’s third-party vendor, will send affected individuals a letter in the coming weeks offering free credit monitoring for two years at no cost to them.
Additional information is provided in the TIAA update received today (below).
For additional information on safeguarding your account and staying updated, please visit the TIAA Security Center or contact TIAA directly at 800-842-2252 or via email at abuse@tiaa.org
Information Technology continues to monitor this developing event, both through TIAA communications and information security lists. We will provide relevant updates as we have them. We are compiling information about the College’s service providers that have been impacted by the MOVEIt vulnerability on IT’s website.
If you have any questions about this incident, please contact Vince DiScipio or Ellen Falduto.
FAQ
See TIAA’s privacy commitment
See TIAA’s data protection commitment.
Call TIAA at 800-842-2252, weekdays, 8 a.m. – 10 p.m. (ET)
You will receive a letter from TIAA and/or PBI stating that your information was involved. The letter will include more information about next steps. The sending of letters was expected to begin the week of July 10, 2023.
You should receive a letter by mail from TIAA’s third-party vendor, Pension Benefit Information, LLC (“PBI”). PBI will fulfill all required obligations under federal and state privacy regulations, including notifying you and offering free credit monitoring for two years at no cost. The letter will provide instructions and a unique code to reference when registering for the free credit monitoring. The letter will include a telephone number you may call to learn more or ask questions about the credit monitoring service.
Specific questions about your information, next steps, or credit monitoring should be directed to the organization in the letter you receive from PBI.