In a major blow to the New York City Department of Education (NYC DOE), a significant data breach has occurred, compromising the personal information of tens of thousands of students.
The NYC DOE recently confirmed that hackers gained unauthorized access to its MOVEit Transfer server, a widely-used managed file transfer (MFT) software employed for secure data exchange. The breach, reportedly orchestrated by the notorious CL0P ransomware gang, resulted in the theft of sensitive files containing the personal information of approximately 45,000 students.
The attackers leveraged a Zero-Day vulnerability identified as CVE-2023-34362, exploiting it before security updates were made available. Despite the NYC DOE's swift response in patching the servers, the attackers had already accessed and exfiltrated data from the compromised system.
The NYC DOE discussed the incident in a letter to staff and families:
"Review of the impacted files is ongoing, but preliminary results indicate that approximately 45,000 students, in addition to DOE staff and related service providers, were affected. Roughly 19,000 documents were accessed without authorization.
The types of data impacted include Social Security Numbers and employee ID numbers (not necessarily for all impacted individuals; for example, approximately 9,000 Social Security Numbers were included)."
In response to the breach, the NYC DOE is actively collaborating with law enforcement agencies, including the Federal Bureau of Investigation (FBI) and the New York Police Department (NYPD), to investigate the incident thoroughly. The FBI is also examining the broader breach, which has affected numerous organizations worldwide.
[RELATED: MOVEit Vulnerability Exposes Millions in Oregon DMV Breach]
The CL0P ransomware gang has already begun extorting impacted organizations through its Dark Web data leak site. Several entities, including universities and government agencies, have confirmed falling victim to the MOVEit Transfer attacks. The full scale and impact of the extortion attempts are yet to be fully understood.
Affected individuals, particularly the impacted students, are strongly advised to take precautionary measures such as monitoring credit reports, checking for unfamiliar transactions or accounts, and promptly reporting any suspicious activity. Freezing credit files with credit monitoring agencies can provide an added layer of protection against unauthorized access.
Follow SecureWorld News for more stories related to cybersecurity.
