Back

NYC Schools Face Ransomware and Malware Attacks Amid Oversight Gaps

Severity: High (Score: 66.0)

Sources: www.bloomberg.com, Gothamist

Summary

New York City's public school system is dealing with a ransomware breach affecting the Canvas platform, which has disrupted access for multiple educational institutions. Concurrently, malware was discovered on computers at a shared lab in one Manhattan school. A recent state audit highlighted significant gaps in the oversight of technology and student data management, revealing that nearly half of reported data breaches were not timely reported. The audit also found that the school system lacks a centralized inventory of applications, hindering risk assessments. Approximately 161,000 employees are required to complete annual data privacy training, yet a quarter failed to do so in 2024. The audit covered the period from March 2020 to September 2025, and the incidents reported are not included in its findings. The district is currently investigating the malware incident with local police. Key Points: • NYC schools are experiencing a ransomware breach affecting the Canvas platform. • Malware was found on computers in a Manhattan school's shared lab, prompting an investigation. • A state audit revealed significant gaps in data oversight and delayed breach reporting.

Key Entities

  • Data Breach (attack_type)
  • Malware (attack_type)
  • Phishing (attack_type)
  • Ransomware (attack_type)
  • Columbia University (company)
  • New York City Public Schools (company)
  • New York City Public School System (company)
  • Princeton University (company)
  • Rutgers University (company)
  • T1566 - Phishing (mitre_attack)
  • Canvas (tool)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed