The New York City Department of Education is the latest victim in the MOVEit Transfer attack, where it reported that sensitive data of around 45,000 students were leaked.
The department has also noted the data leak of some of its teachers and other personnel but didn’t mention the exact number. Aside from notification, the Department also offers a free identity monitoring service to the affected people in this incident.
NYC Education Department Data Leak
The MOVEit Transfer supply chain attack is more disastrous than any other. Clop ransomware, the threat actor behind this attack, has achieved the name of its life with this hit, as major organisations reveal themselves being victims of this attack every other day.
The latest in this pursuit is the New York City Education Department, which notified parents that the sensitive data of around 45,000 students were leaked. Some data points include social security numbers and birth dates, which were revealed in the recent MOVEit Transfer attack.
The department has also stated that the personal information of its staff and many teachers were affected but didn’t mention the exact number. Saying that it’s their top priority to determine precisely which confidential information was exposed, the education department is informing all the affected personnel and offering them access to an identity monitoring service.
Though it was a minor breach compared to other victims, it’s still significant considering the type of data compromised by minors. Clop ransomware has earlier stated that it’ll delete any data stolen from government agencies, children’s hospitals and the military. So, we’re unsure if it exploits the student’s data here or ignores it responsibly.