DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Schumer, In Manhasset, Promises Cybersecurity Aid to School Districts

Posted on December 14, 2021 by Dissent

Jennifer McLogan reports:

 Cyberattacks against school systems are becoming more damaging and aggressive with threats of extortion, unless ransom is paid.

It’s costing taxpayers big bucks to repair school technology.

Now help is on the way from the federal government.

Read more at CBS.

See more at NY State Senator Anna Kaplan’s website, where Frank Rizzo reports, in part:

Published sources indicate that New York State will get about $28 million of that total for cybersecurity, part of the $1.2 trillion bipartisan infrastructure bill. Districts can apply for aid once the details are released. The money will help districts affected by a cyberattack to recover, while also preventing future attacks by providing the funds necessary to implement software and other protective measures.

Hopefully they will have some actual strings on the funds so that districts are required to implement better proactive security to qualify for recovery aid if they are attacked. Media coverage portraying districts as victims often fails to reveal how sloppy some districts have been about storing unencrypted personal and sensitive data that is decades old — and then complaining that criminals dumped it on the dark web.

In the 1970s, the federal government offered school districts federal support/funding that would flow through the state education agencies. The “string” that was put on the funding was that the district would have to adopt and comply with Section 504 of the Rehabilitation Act of 1973.  Most schools did.

DataBreaches.net is recommending a similar approach — that districts can qualify for federal funding for cybersecurity assistance and recovery assistance, but only if they comply with certain security standards to be set by the government. And as part of it all, all school districts that experience a data breach involving personal information of employees or students should be required to report the breach to the U.S. Department of Education. A portal that allows districts to report that is similar to what states and HHS use for receiving reports can be established so that there is greater transparency about the extent of breaches in the education sector.

Related posts:

  • Kept in the Dark — Meet the Hired Guns Who Make Sure School Cyberattacks Stay Hidden
  • Break Down and Insight into Project Sun Rise African data leak
  • Why federal efforts to protect schools from cybersecurity threats fall short
  • Audits of New York schools and the State Education Department reveal ongoing significant concerns
Category: Breach IncidentsEducation Sector

Post navigation

← ID: Ransomware attacks Shelley School District computers
Eastern Health Provides Update Regarding Breach of Privacy and Information →

2 thoughts on “Schumer, In Manhasset, Promises Cybersecurity Aid to School Districts”

  1. Doug Levin says:
    December 14, 2021 at 7:55 am

    Don’t hold your breath, Dissent… These are ‘optimistic’ reports of how the State and Local Cybersecurity Improvement Act actually will work.

    The money will be doled out over 4 years (not at one time) and states must contribute an escalating match (10-40%, goes up 10% a year). State can reserve 20%; 80% of funds are then made available to ALL local govt agencies – depending on a to-be-written state plan. As such, school districts will be competing with other local gov’t agencies for support. Eligible expenditures not yet determined. Some expect states to opt out of the federal support in later years of the program due to the matching requirement.

    1. Dissent says:
      December 14, 2021 at 10:30 am

      That’s why I suggested an approach similar to what was used with Section 504. The approach you describe above will not work — and we both understand that. New York is in a somewhat different situation than most other states because there is the intermediate tier — BOCES — which handles a lot of functions for its constituent districts. Those districts pay BOCES a fee each year, but then also additional monies depending on what services BOCES may provide in the way of special education services, etc. If BOCES actually takes over server security or monitoring of a single contractor who provides services for districts, things might improve. But someone has got to get districts to stop storing so much data so haphazardly. There are districts that use third-party vendors to create and store IEPs and all, and that’s fine, if they are properly secured, but then you have employees leaving their computers on and logged in, etc., or there’s an unencrypted list on some admin’s desktop with everyone’s username and password. 🙁

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.