Personal data of over 45,000 public school students was compromised in a breach involving the file-transfer software MOVEit, according to a community letter sent to families and staff by the New York City Department of Education.
“DOE used MOVEit to transfer documents and data internally as well as to and from vendors, including third party special education service providers,” the letter said.
The breach is the latest expoit of a SQL injection vulnerability found in MOVEit Transfer, a widely used file transfer software by Progress Software.
To read this article in full, please click here