BINGHAMTON – Following a data breach back in January, a recent audit by the Broome County Comptroller has concluded that the county lacks a plan to recover and restore critical systems in the event of a data loss.
On January 2nd, the county determined that an employee’s direct deposit information was changed by an unknown third party.
Following an investigation, it was determined that the hacker gained entry with credentials from a phishing email.
Comptroller Alex McLaughlin’s audit earlier this month states that the Department of Information Technology has not developed or adopted a disaster recovery plan.
In a statement to NewsChannel 34 today, the IT Department says the county has a Continuity of Operations Plan or COOP, and Continuity of Government Plan, COG, which provides the framework for county departments to perform critical functions in the event of a system disruption.
It’s being supplemented by an IT Disaster Recovery Plan which has been in development since late 2018 and the final draft is expected to be presented to the Executive and Legislature this fall.
The audit alleged that certain aspects of the COOP and COG related to training and testing were not being followed.
Management’s written response blames a lack of manpower and funding.