John Leonard reports: The Labour Party has suffered a ‘cyber incident’ with personal details of members stolen from an unnamed third-party company that handles its membership data. In a statement the party says it was informed of the incident on October 29th and that “a significant quantity of Party data” had been rendered inaccessible. Labour does not give…
Category: Subcontractor
TN: Professional Healthcare Management discloses ransomware incident
PHM’s press release, followed by this site’s comments/notes: MEMPHIS–(BUSINESS WIRE)–Professional Healthcare Management, Inc. (“PHM”)1, located in Memphis, Tennessee, announced today that it recently became aware of a data privacy incident impacting its servers, which contained protected health and personal information of some PHM clients and employees. PHM is a business that primarily operates in the…
Merced County School District vendor reports a burglary that compromised protected health information
The Foundation for Medical Care of Merced County previously provided third party administration services for the Merced County School District’s medical and dental plans. The foundation currently provides member claims services for the school district’s medical plans. On August 3, 2021, there was a break-in at the foundation’s location during which an unknown intruder punched…
Customers Can Pursue Negligence Claims Directly Against Vendor (Blackbaud)
David Kessler and Susan Ross write: On October 19, 2021, a federal trial court in South Carolina ruled that a group of consumers could proceed with common law negligence and gross negligence claims directly against their organizations’ vendor that had been the victim of a security breach—instead of suing the organizations of which they were…
Over 400,000 German Students Data Leaked by a Flawed API
Manikanta Immann reports: Scoolio is a german app for students, used mainly for educational updates, record keeping, and networking. After informing the flaw to Scoolio’s developer, a fix was released this week to patch the bug. […] In September, a security researcher named Lilith Wittmann of Zerforchung firm has discovered a flawed API in Scoolio, through which she was able…
Nearly 30K former and current CU Boulder students’ personal information hacked
Alex Rose reports: The University of Colorado Boulder is sending emails to roughly 30,000 former and current students that have been impacted by a data breach, according to a release from the university. Most of the people impacted are no longer CU students or employees, according to the release. The university said the third-party software, provided…