What happened in the TIAA data breach?

Twingate Team

May 24, 2024

In May 2023, the Teachers Insurance and Annuity Association of America (TIAA) faced a data breach due to a cyberattack on the MOVEit file transfer software platform. The incident led to a class-action lawsuit filed by a former teacher-client, alleging inadequate cybersecurity and unencrypted data. The breach affected a significant number of TIAA clients, exposing their personal information.

How many accounts were compromised?

The breach impacted data related to approximately 2.3 million individuals.

What data was leaked?

The data exposed in the breach included Social Security numbers, email addresses, names, phone numbers, employers, job titles, geographic locations, and social media profiles.

How was TIAA hacked?

The data breach at TIAA occurred due to a cyberattack on the file transfer software platform MOVEit, which exposed sensitive client information. The ransomware group Clop was responsible for the attack, compromising over 600 organizations and 40 million individuals. A vulnerability in one of PBI Research's MOVEit Transfer servers allowed unauthorized access to TIAA data, and the hackers used MOVEit ransomware to carry out the breach.

TIAA's solution

In response to the hack, TIAA took several measures to enhance the security of its platform and prevent future incidents. These included establishing a Security Operations Center for fast and accurate protection from cyberattacks, implementing stringent security patching practices to address vulnerabilities, and employing data loss prevention controls to prevent data from falling into the wrong hands. TIAA also strengthened its supplier risk management practices to ensure suppliers adhere to its expectations. Furthermore, the company works with cybersecurity experts to ensure the best possible protection for its clients' data and accounts. In case of a security breach, TIAA provides credit monitoring and identity theft repair services to affected clients and follows incident response and notification procedures based on state and federal law to keep clients informed about any security issues.

How do I know if I was affected?

TIAA reached out to affected users following the data breach. If you are a TIAA client and have not received a notification, you can visit Have I Been Pwned to check if your credentials were affected.

What should affected users do?

In general, affected users should:

  1. Change Your Password: Immediately update your password for the breached account. Make sure the new password is strong and unique, not previously used on any other platform.

  2. Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  3. Enable Two-Factor Authentication (2FA): Activate 2FA on the breached account. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

For more specific help and instructions related to TIAA's data breach, please contact TIAA's support directly.

Where can I go to learn more?

If you want to find more information on the TIAA data breach, check out the following news articles:
