MOVEit Data Security Incident

As reported in national news media, organizations around the world have been affected by a cybersecurity incident involving a software utility called MOVEit. This is a secure file transfer software used by many service providers to exchange data with their customers.

UnitedHealthcare Student Resources (UHCSR), the student health insurer, has notified the University that it was affected by the MOVEit software vulnerability, and as a result, the information for approximately 200 students enrolled in the UHCSR plan was impacted.

According to UHCSR, the involved data included name, date of birth, address, phone number, email address, plan identification number, policy information, student identification number, Social Security number or national identification number (for some, but not all students), and claims information, including claim numbers, provider information, dates of service, diagnosis codes, prescription information, and financial information associated with claims. This incident did not involve the disclosure of driver's license numbers or any financial account information.

UHCSR will send a notification to all affected students and will be offering free identity theft protection services. Please read the UHCSR notice carefully. In the meantime, additional information about protecting your identity online is available at is.richmond.edu/infosec/securityawareness/tips/idtheft.html.