New York School District Had Weak Password Controls: Is Your Child's School at Risk?
An audit found Uniondale schools didn't properly manage staff login accounts, creating security risks. Parents should ask questions about their own school's practices.
Source
DataBreaches.net
Original headline: Uniondale Union Free School District – Audit Follow-Up by New York State Comptroller (2023M-61-F)
Plain-English summary by GetCyberRight. Read the full report at the source above.
The New York State Comptroller released an audit of the Uniondale Union Free School District on Long Island in October
- The audit examined how the district managed network access for staff members. Inspectors found that school officials did not adequately manage employee network accounts and permissions. This means staff login credentials and access levels were not properly controlled. This audit focused on one Long Island school district, but the problems identified could exist at schools anywhere. If your children attend Uniondale schools, staff accounts may have had excessive access to systems. For parents at other schools, this serves as a warning that your district might have similar weaknesses. Poor account management can lead to unauthorized access to student information or school systems. If your child attends Uniondale Union Free School District, contact the school administration to ask what steps they are taking to fix these issues. Request information about how they protect student data and staff accounts. For parents at any school district, you can take these steps:
- Ask your school's IT department about their password policies and account management practices.
- Request information about how often they review who has access to student information.
- Find out if your district conducts regular security audits. Stay involved in your school's technology decisions. Attend school board meetings where IT security topics are discussed. Many districts publish security policies online. Reading these policies helps you understand what protections are in place. If your district doesn't have clear answers about account security, encourage them to conduct their own audit like Uniondale did.
Curated from trusted cybersecurity sources by GetCyberRight
Source: DataBreaches.netStay ahead of cyber threats
Get our free weekly digest. Real threats, plain language, what to do about them. No spam, ever.
More articles

International Operation Arrests 28 in Child Exploitation Cases
Law enforcement across seven countries arrested suspects involved in child sexual exploitation using cryptocurrency and the dark web.
2 min read
International Police Operation Leads to 28 Arrests for Child Exploitation
Police across seven countries arrested 28 people for crimes against children online. The operation shows how criminals use cryptocurrency and the dark web.
2 min read
Popular Developer Tool Compromised With Malicious Software. Users Need to Act
A software package used by website developers was hacked to secretly install data-stealing software on computers. This affects developers who installed version 8.14.0.
2 min read
Dangerous Software Package Infected Computers During Installation
A popular developer tool called jscrambler was hijacked. If anyone in your household does coding or web development, read this carefully.
2 min read