Raptor Data Vulnerability
In January 2024, Raptor, a third-party vendor used by the Spencer-Van Etten CSD and many other districts across New York State and the nation for checking people in at our front offices, has reported a data vulnerability. This was NOT a data breach. As a customer of Raptor, we were informed of the company’s identified vulnerability, and it is possible that some of our data may have been accessed by a single cybersecurity researcher who was checking securities on the Raptor network.
As Raptor works with its customers to address this situation, the company has informed S-VE CSD the data and documents involved in this leak have not been accessed by any other third parties beyond the single cybersecurity researcher. Raptor has stated to the district officials, “Regarding our Cybersecurity incident, Raptor has discovered a vulnerability regarding our product. We have discovered that the data may have been externally accessible. Upon discovery we have implemented remediation protocols to secure the data, there is no indication at this time that any data was accessed by third parties. We take security very seriously and are diligently investigating the matter.”
We want our greater school community to know that S-VE CSD is committed to protecting and securing educational data. Our team, along with support from GST BOCES, has extensive data security and privacy training, and our systems have controls in place to protect your child’s academic records and all the data our district handles and stores.
This issue is being investigated by Raptor, New York State Education Department, and the Spencer-Van Etten CSD, so if anything changes, or Raptor reaches out with new updates, we will share that information with our employees, parents, and families.
Sincerely,
Barbara J. Case
Superintendent of Schools
Data Privacy Officer