DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

NY State Comptroller DiNapoli Releases School District Audits

Posted on April 18, 2021 by Dissent

New York State Comptroller Thomas P. DiNapoli announced school district audits this week. Here are the summaries with links to the audit reports:

Hudson City School District – Information Technology (Columbia County)

District officials did not adequately secure and protect its information technology (IT) systems against unauthorized use, access and loss. The board and district officials also did not adopt adequate IT policies or a disaster recovery plan. Auditors found questionable internet use on four of six computers tested. School officials also did not disable 123 of the 462 enabled network accounts auditors examined. These 123 user accounts were not needed and included generic and former employee accounts. In addition, sensitive IT control weaknesses were communicated confidentially to officials.

Royalton-Hartland Central School District – Information Technology Contingency Planning (Genesee County, Niagara County and Orleans County)

The board and district officials have not developed and adopted a comprehensive written information technology (IT) contingency plan. The district pays $10,500 for central site infrastructure support, which includes a disaster recovery plan template, a key component of an IT contingency plan. Although the district paid for a template, officials did not obtain it. Without a comprehensive written IT contingency plan in place that is properly distributed to all responsible parties and periodically tested for efficacy, district officials have less assurance that employees will react quickly and effectively to maintain business continuity. As a result, important financial and other data could be lost, or suffer a disruption to operations.


Related:

  • Two more entities have folded after ransomware attacks
  • Michigan ‘ATM jackpotting’: Florida men allegedly forced machines to dispense $107K
  • Missouri Adopts New Data Breach Notice Law
  • North Country Healthcare responds to Stormous's claims of a breach
  • Gladney Adoption Center had serious data exposures in the past few months. What will they do to prevent more?
  • 70% of healthcare cyberattacks result in delayed patient care, report finds
Category: Commentaries and AnalysesEducation SectorU.S.

Post navigation

← Phone House Spain hit by Babuk ransomware, 3 million users affected.
Vermont Health Connect had 10 data breaches last winter →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
  • Hacker group “Silent Crow” claims responsibility for cyberattack on Russia’s Aeroflot
  • AIIMS ORBO Portal Vulnerability Exposing Sensitive Organ Donor Data Discovered by Researcher
  • Two Data Breaches in Three Years: McKenzie Health
  • Scattered Spider is running a VMware ESXi hacking spree
  • BreachForums — the one that went offline in April — reappears with a new founder/owner
  • Fans React After NASCAR Confirms Ransomware Breach
  • Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack (1)
  • Infinite Services notifying employees and patients of limited ransomware attack
  • The safe place for women to talk wasn’t so safe: hackers leak 13,000 user photos and IDs from the Tea app

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • White House ordered to restore Medicaid funding to Planned Parenthood clinics
  • California Attorney General Announces $1.55M CCPA Settlement with Healthline.com
  • Canada’s Bill C-2 Opens the Floodgates to U.S. Surveillance
  • Wiretap Suits Pit Old Privacy Laws Against New AI Technology
  • Action against tiny Scottish charity sparks huge ICO row
  • Congress tries to outlaw AI that jacks up prices based on what it knows about you
  • Microsoft’s controversial Recall feature is now blocked by Brave and AdGuard

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.
Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report