A ransomware organization has conducted a cyber attack that has affected students from New York City, tens of thousands have gotten their data stolen, although reports say some cases were worse than others.
NYC Ransomware Attack
The attack was directed at the New York City Department of Education. Around 45,000 students were impacted wherein some of the students had their social security numbers and birthdates stolen. Reports say that the attack affected faculty members as well.
The organization behind the hack is said to be the Clop ransomware organization, which was done through a MOVEit file transfer software, as mentioned in Engadget. It was made possible by the zero-day vulnerability in the software which also made other companies susceptible to hacks.
The New York City Department of Education expressed that the safety and security of their students and staff, including their information and data, is of "utmost importance" for the department. Finding out which confidential information was stolen has been a priority.
More importantly, the department has been trying to determine how the attack affects all the individuals who had their data stolen. Upon learning more about the extent of the attack, students and faculty members will be notified.
The department is also offering access to an identity monitoring service to those who have been impacted by the attack. With data like names, birth dates, and other information accessed by the threat actors, the victims might be subjected to fraudulent activities like identity theft.
Sadly, the recent incident is just an addition to the ongoing breaches that the ransomware gang has carried out. Given that the zero-day vulnerability also affected others, the hacker organization saw it as an opportunity to launch a series of attacks.
Other Ransomware Attacks
The Clop ransomware gang also claimed responsibility for other attacks in the past, stating that they have breached the servers of "hundreds of companies." The hacker group said that they started exploiting the vulnerability back on May 27th during the US Memorial Day holiday.
As you know, holidays often mean that fewer workers are in, meaning that threat actors are less likely to get caught while breaching a system. According to Bleeping Computer, conducting attacks during holidays has been a common tactic for the Clop ransomware group.
The ransomware organization threatened to post the stolen data from the MOVEit hacks on their leak website if the ransom is not paid, although it's still unknown whether the breach of the New York Department of Education is included.
The threat actors did not immediately use the data to perform fraudulent activities, nor did they extort any of the victims. This may be an indication that the hacker group is still determining which data is important and could be of use.
In some cases, the ransomware organization would wait for more than a month before even demanding a ransom, which is the case for the GoAnywhere MFT attacks, according to reports, so it might be a while before ransom demands are given for the students' data.