Students’ credit card information breached at U of R

As students at the University of Regina were hitting the textbooks, a few hundred had questions over their credit card security.

PrismRBS, the e-commerce provider used by the university’s bookstore, had its security breached twice between January and April. The January one saw 279 people at the U of R affected while April’s saw 201 incidents. Between the two breaches, 480 students possibly had their credit card information compromised.

The university’s Paul Dederick said the U of R can’t sever ties with the provider instantly.

“We are certainly reviewing our relationship with this provider. We’re working with them, they’re undertaking a detailed security assessment,” Dederick said. “We are exploring potential short-term and longer-term options for online purchasing of textbooks through the bookstore.”

Those whose information was compromised were contacted by the university. Dederick does not believe anyone is out of pocket for anything due to the breach.

While the security review is being done, the university is asking people to place book orders.

“They purchase directly from us and then we place the order on their behalf as opposed to going online in which case their financial information is shared with that third-party vendor,” Dederick said.

“We share our campus community’s concerns. We’re committed to assisting our affected customers and we’re committed to taking the steps necessary to ensure this doesn’t happen again.”

The bookstore is the only place at the university that uses PrismRBS. The university has been using the vendor since 2009 and had not experienced security issues until January.

Dederick said the breach affected about 200 colleges and universities across North America.