By:  Hal C. Clarke

Anuraag Sharma, the Chief Technology Officer of the city’s Department of Education, has submitted his resignation following a widespread hack that compromised the sensitive information of thousands of students and staff members.

Sharma has held the position of the DOE’s top tech chief since 2019, serving during the tenures of former Mayor Bill de Blasio and current Mayor Eric Adams, NY Post reported.

The hack affected approximately 45,000 students, school employees, and service providers, resulting in the unauthorized access of social security numbers, dates of birth, employee IDs, and OSIS numbers (nine-digit numbers issued to city public school students). The breach involved 19,000 documents accessed from the file transfer system MOVEIt, with 9,000 social security numbers stolen, as detailed in a letter sent to staff by the DOE.

It is worth noting that last year, personal data from 820,000 current and former city students was also compromised in a separate hack. Despite the recent data breach, an insider asserted that Sharma was well-regarded, and his departure was voluntary and unrelated to the security incident.

Sharma has been a long-time employee of the city, with nearly 20 years of service in various roles. Prior to being the Chief Technology Officer, he served as the Chief Information Officer for the departments of design and construction, as well as youth and community development. He also worked for the Health Department for ten years, holding the position of assistant commissioner for IT solutions and delivery.

Sharma’s resignation is not the only recent departure within the Adams administration. Michael Vaughn, the communications chief at the DOE, recently quit due to a series of public relations missteps. Other high-ranking officials, including Savita Bharadwa (chief strategy officer) and Desmond Blackburn (deputy chancellor for leadership), have also left their positions.

This ongoing turnover in key educational leadership roles has garnered attention and raises questions about the stability and direction of the Department of Education under the new administration. Both the DOE and Mayor Adams’ office declined to comment on the matter.

The breach affected approximately 45,000 students, along with school employees and service providers, as officially announced. The compromised confidential data includes social security numbers, dates of birth, employee IDs, and OSIS numbers—unique nine-digit identifiers issued to all city public school students, NY Post reported.

The DOE confirmed that a total of 19,000 documents were accessed from the file transfer system MOVEIt, with 9,000 Social Security numbers being stolen. Among the accessed documents were student evaluations, progress reports, Medicaid reports, and records related to leave status for DOE employees.

According to spokesperson Nathaniel Styer, the safety and security of students and staff members, along with their personal information and data, are of utmost importance to the New York City Department of Education. The security vulnerability was discovered in the third-party file-sharing software MOVEit, which is widely used globally by private and government customers.

The DOE took immediate steps to remediate the situation upon discovering the breach in collaboration with NYC Cyber Command. An internal investigation revealed that certain DOE files were affected, prompting further cooperation with the NYPD and FBI for thorough investigations.

The specific timeframe during which the hack occurred was not disclosed by the DOE. However, they assured that there is currently no indication of ongoing unauthorized access to DOE systems. The notification process for individuals whose information was compromised will begin during the summer.