About WCC » Policies & Procedures » Public Disclosure, Consumer Information & Records Index

Third-Party Data Breach Impacts WCC Community Members

Updated Aug 9, 2023

Several third-party vendors have notified Whatcom Community College of a cybersecurity incident that may have exposed personally identifiable information of current and past students as well as employees.

At issue is the popular filesharing application MOVEit Transfer used by businesses and organizations worldwide. WCC does not use the MOVEit software, though several third-party service providers do and have contacted the college about the potential exposure of personally identifiable information.

Among the vendors that have contacted WCC are the National Student Clearinghouse (NSC), and the Teachers Insurance and Annuity Association, TIAA.

National Student Clearinghouse

WCC contracts with NSC, on a number of endeavors, including enrollment and degree verification services as well as student loan reporting requirements. Personally identifiable information and student education records are provided to NSC as part of this work. NSC is the nation’s largest provider of electronic student record exchanges and postsecondary transcript ordering services. And helps institutions meet their growing compliance, administrative, student access, accountability, and analytical needs. Most U.S. postsecondary institutions rely on the Clearinghouse’s verification and reporting services as well as our one-of-a-kind StudentTracker research service.

The National Student Clearinghouse has posted details about this incident on its website.

Teachers Insurance and Annuity Association (TIAA)

TIAA offers financial services to employees working in academic, research, medical, government and cultural fields. WCC provides the names, addresses, dates of birth and social security numbers of employees who use TIAA’s services. Data transferred from WCC to TIAA was not compromised as part of the incident, though TIAA has indicated that Pension Benefit Information, LLC, one of its vendors, has been impacted.

WCC expects NSC and Pension Benefit Information, LLC, will contact impacted individuals directly as required by law.

Here Are Some Steps to Take To Protect Your Information

The Federal Trade Commission offers recommendations include: 

  • Closely monitor your credit reports.
    • You can obtain a free copy of your credit report from each of the three major credit reporting agencies; EquifaxExperian, and TransUnion.

  • Place a fraud alert on your accounts.
    • A fraud alert tells creditors to contact you before opening any new accounts or before making changes to existing accounts. You can place a fraud alert by contacting one of the three credit reporting agencies. A fraud alert at one of the agencies will automatically notify the other two services.

  • Freeze your credit at each of the three major credit reporting agencies.

  • If you believe you are the victim of identity theft, file a police report and notify the Federal Trade Commission at www.identitytheft.gov.

  • Block electronic access to your Social Security information.
    • Contact the Social Security Administration at 1-800-772-1213 to block electronic access. This will prevent anyone from being able to see or change your personal information on the internet or by the administration’s automated telephone service.

Moving Forward

Whatcom Community College expects that the National Student Clearinghouse, UnitedHealthcare, and Pension Benefit Information, LLC, a vendor for the Teachers Insurance and Annuity Association, will contact impacted individuals directly with additional details where required by law.

WCC will continue to update this webpage as new information becomes available from the service providers.