Well, this sounds like an epic FAIL on the City of Yonker’s part, doesn’t it?
City of Yonkers – Information Technology (Westchester County)
The IT department’s acceptable computer use policy was not signed or acknowledged by all employees and city officials have also not classified personal, private and sensitive information based on its level of sensitivity and the potential impact should that data be disclosed, altered or destroyed without authorization. In addition, city officials have not ensured that employees received adequate cyber security training and have not adopted a breach notification policy or a disaster recovery plan.
You can access the full report here (.pdf).