Approximately 19, 000 documents were accessed without authorization. They include student evaluations, related service progress reports, Medicaid reports and internal records related to Department of Education employees.
The types of data and information impacted for each individual varies from person to person. For example, not everyone’s Social Security number was impacted.
Multiple schools in the Bronx and Brooklyn have been affected, along with DOE staff members as a result of the breach.
The Department of Education sent News 12 a statement regarding the breach:
“The safety and security of our students and staff, including their personal information and data, is of the utmost importance for the New York City Department of Education. We recently learned of a security vulnerability in a third-party file-sharing software, MOVEit, which has impacted both private and government customers globally. Working with NYC Cyber Command, we immediately took steps to remediate, and an internal investigation revealed that certain DOE files were affected. Currently, we have no reason to believe there is any ongoing unauthorized access to DOE systems. We will provide impacted members of the DOE community with more information as soon as we are able.”