Saturday, April 13, 2024
HomeSECURITYData of 45,000 New York schoolchildren stolen by Clop hackers during attack...

Data of 45,000 New York schoolchildren stolen by Clop hackers during attack on MOVEit Transfer

-


Data of 45,000 New York schoolchildren stolen by Clop hackers during attack on MOVEit Transfer

Should the victims of the leak be concerned about their data, or will ransomware not release it to the public?

New York City Department of Education says hackers stole documents containing sensitive personal information from up to 45,000 school students from its server MOVEit Transfer during an attack on the service that occurred at the end of May.


MFTThe platform was used by the New York City Department of Health to securely transfer data and documents domestically and internationally to various providers, including special education providers.

The New York Department of Health patched the servers as soon as the developer disclosed information about the exploitable vulnerability ( CVE-2023-34362 ); however, by that time, the attackers had already managed to steal all the data they needed.

After the breach was discovered, the vulnerable server was taken down and the New York Department of Defense worked in collaboration with New York Cyber ​​Command to address the incident.

“We also conducted an internal investigation, which showed that certain files of the Department of Education were affected. Review of the affected files is ongoing, but preliminary results indicate that the data of about 45,000 schoolchildren were affected, in addition to department employees and related service providers,” said Emma Wadehra, Executive Director of the New York Department of Education, in published a couple of days ago a statement.

“The types of data affected include social security numbers and ID numbers,” Wadehra added. Moreover, as it turned out, the package of affected documents is not the same for each victim of the leak. The number of leaked documents of each type varies.

“The FBI is investigating a larger breach that has affected hundreds of organizations; we are currently cooperating with both the NYPD and the FBI in their investigation,” the executive director concluded.

It is worth recalling that hacking the MOVEit Transfer MFT platform happened May 27 thanks to a zero-day vulnerability CVE-2023-34362 . During their time on MOVEit systems, the hackers managed to steal the data of hundreds of companies. And not all of them reported the data breach publicly.

According to experts, an attack on the MOVEit Transfer service was being prepared back in 2021, when hackers probed possible ways to attack.

Almost immediately after the attack, the extortionists announced that they were not going to blackmail government institutions, but were more interested in private companies. In theory, if the attackers have not yet published the stolen data of schoolchildren and employees in the public domain, and have not presented a ransom demand, it is quite possible that nothing threatens the data of the people affected by the attack, and they will not fall into the hands of interested third parties at all.

Clop hackers are notorious for having similarly stolen the data of many companies from two other MFT services in the past – Accellion F.T.A. in 2021, and Fortra Go Anywhere at the beginning of this year.



Source link

www.securitylab.ru

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular