Hackers steal data of 45,000 New York City students in MOVEit breach. The New York City Department of Education (NYC DOE) says hackers stole documents containing the sensitive personal information of up to 45,000 students from its MOVEit Transfer server. The managed file transfer (MFT) software was used by NYC DOE to securely transfer data and documents internally and externally to various vendors, including special education service providers. NYC DOE patched the servers as soon as the developer disclosed info on the exploited vulnerability (CVE-2023-34362); however, the attackers were already abusing the bug in large-scale attacks as a zero-day before security updates were available. Third-party company: Ipswitch, Inc..