P2018-ND-040

The Organization uses a service provider, Pixel Army, to provide e-commerce services enabling the Organization?s members/customers to order courses, materials and services using an internet website. On May 9, 2017, the Organization learned that an unknown third party, without authorization, accessed the server-end of the Organization?s e-commerce website. The Organization reported ?It appears that the incident involved an unauthorized ability to access AHSA’s website’s underlying data for a period of time??. The Organization reported that ?no payment information (no card or account details) was exposed? and further, ?limited personal information was potentially exposed, and ? there is no evidence that any information was exfiltrated from the site.?

File Type: pdf
File Size: 329 KB
Categories: 2018