Student and employee data impacted by third-party cybersecurity incident

Two third-party vendors have notified Olympic College about a cybersecurity incident that may have exposed personally identifiable information of current and prospective students, as well as employees. OC is committed to the safety and security of our student data and is closely monitoring this situation for any impact on our community.

Student Data

The National Student Clearinghouse (NSC), a national nonprofit with 3,600 partner schools across the country, including OC, identified an exploit that compromised student data within its file transfer protocol. Internal student data within the ctcLink Student Management System database was not affected by the cybersecurity incident. NSC is actively monitoring the situation, but has not yet identified what sensitive information was accessed.

Employee Data

Employee data was exposed via Teachers Insurance and Annuity Association (TIAA), which offers financial services to those working in academic, research, medical, government and cultural fields across the country. OC provides TIAA with personally identifiable information of employees who use TIAA’s services. Vice President of Human Resources & Campus Operations Josh Masters shared information with employees about this incident, via email on July 21.

Students and employees who were impacted by the data incident will be contacted by NSC (students) or TIAA (employees) with more information and instructions. OC will continue to monitor this situation and seek additional information from NSC about the impact on our students, so that we can provide impacted students with further and more specific details as well.

Additional details about the incident are available on the NSC website.

Members of the OC community who believe their personal information may have been compromised are advised to follow specific recommendations of the Federal Trade Commission to keep your identity as secure as possible:

Closely monitor your credit reports

You can obtain a free copy of your credit report from each of the three major credit reporting agencies; Equifax, Experian, and TransUnion.

Place a fraud alert on your accounts

A fraud alert tells creditors to contact you before opening any new accounts or before making changes to existing accounts. You can place a fraud alert by contacting one of the three credit reporting agencies. A fraud alert at one of the agencies will automatically notify the other two services.

Freeze your credit

If you believe you are the victim of identity theft, file a police report and notify the Federal Trade Commission.

Block electronic access to your Social Security information

Contact the Social Security Administration at 1-800-772-1213 to block electronic access. This will prevent anyone from being able to see or change your personal information on the internet or by the administration’s automated telephone service.

More Info