Personal Data of 1 Million New York Students Hacked: Department of Education

A major data breach.

Roughly 1 Million students in New York City have reportedly been notified by the state's Department of Education that their data may have been compromised after a former software vendor of the DOE suffered a major data breach.

According to a letter sent to one graduate and seen by sources, the New York City Department of Education started notifying hundreds of thousands of other current and former students last week that they were victims of the cyberattack involving one of the DOE's former software vendors.

Finnish Hacker Sentenced for Major Data Breach, Blackmail in Psychotherapy Center Case
A hacker from Finland was proven guilty of seeking a ransom from patients of a psychotheraphy center on top of hacking thousands of confidential data. Mika Baumeister from Unsplash

(Photo: Mika Baumeister from Unsplash)

The DOE later disclosed that, in addition to the initial notice of almost 800,000 impacted current and former pupils, the vendor had alerted it in October that a much larger number of youngsters had also been victims, bringing in an extra 380,000 pupils for city public schools.

According to the DOE letter, the compromised personal data include ethnicity, date of birth, student's name, academic records, and enrollment status.

Education officials stated that no financial or social security information was compromised. To help prevent identity theft, the DOE said that it is providing the affected students, who graduated from the program years before the security breach, with two years of free credit and identity-monitoring services through vendor IDX.

More Data Breach Warnings to Come

The recent letter sent to affected current and former students provides a link to an updated security alert on the DOE website.

The notice states that in 2022, some 387,000 current and past NYCPS students were newly identified as being affected by Illuminate's data security problem. According to a DOE representative, it's more like 381,000.

According to the DOE, 94,000 more current and past public school kids will also receive a second warning after Illuminate discovered more of their data that was impacted by the 2022 data security incident.

Illuminate Data Breach

The affected students are linked to the 2022 data breach on Illuminate, a former software vendor to several NYCPS schools that offer educational software applications and technology support.

Before June 30, 2022, several NYCPS schools used Illuminate software to track student attendance, record homework and grades, correspond with parents, administer tests and exams, and assist with other administrative tasks.

Illuminate discovered questionable behavior in a few of their apps in January 2022. Illuminate informed NYCPS in March 2022 that illegal access had occurred to certain systems, including student data, between December 28, 2021, and January 8, 2022.

NYCPS contacted current and former students who Illuminate determined were impacted by this incident in May 2022. NYCPS made complimentary two-year enrollment in identity monitoring services available to impacted kids.

A separate hack attack last summer compromised the Social Security numbers, dates of birth, employee IDs, and OSIS numbers of 45,000 students, staff members, and service providers.

In a letter to staff at the time, the DOE stated that 9,000 Social Security numbers were stolen and that 19,000 documents were accessed from the file-sharing system MOVEIt.

ChatGPT Privacy Guide: Here Are Some Tips to Protect Your Data in OpenAI's Chatbot
Here are some tricks that you can do to have more privacy when using OpenAI's ChatGPT. Tech Times

(Photo: Tech Times)

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics