Doug Levin kindly alerted me that the Hartford Courant has a story on the Total Registration data security incident. … The school officials said that Total Registration, used by the district to register students for certain exams, informed them that certain information provided by students including name, grade level, gender, date of birth, address, email…
Category: Subcontractor
Condé Nast notifies 1,100 WIRED subscribers after subscriber page vendor breach
Condé Nast is notifying about 1,100 WIRED subscribers of a breach involving their payment information. In a notification letter dated May 9, they write: The WIRED subscription page is hosted by a third-party vendor. We believe that an unauthorized party accessed our vendor’s systems in an attempt to acquire information about approximately 1,100 WIRED subscription…
Numbers from the OS, Inc. breach dribble in…
OS, Inc. provides revenue management (billing) services to covered entities. I recently reported on a phishing-related breach they experienced in 2018 that was first disclosed this month. As I noted in that post, their notification specifically mentioned a number of their affected clients. Their disclosure did not, however, provide a total number of patients affected,…
American Medical Collection Agency breach impacted 200,000 patients – Gemini Advisory
A data breach involving a medical collection agency affected more than 200,000 patients who had used the firm’s online payment portal between September, 2018 and the beginning of March, 2019. At the end of February, Gemini Advisory analysts identified a Card Not Present (CNP) database that had been posted for sale in a dark web…
Vendor used by schools to register students for AP and PSAT exams left personal information of thousands students unsecured
A school contractor that provides online registration so students can sign up for AP and PSAT exams misconfigured their cloud storage, exposing students’ and parents’ personal information. A number of school districts or schools contract with a firm in Colorado called Total Registration, who, according to their web site, registered more than 525,000 students from…
Spectrum Health Lakeland notifies patients after billing vendor breach
I’m not finding anything on their web site just yet, but Spectrum Health Lakeland has reportedly been notifying patients about a breach involving their billing provider, OS Inc. WSJM reports that the health system learned of the breach on March 8 after an OS employee’s email account containing patient information was accessed without authorization. The information…