Another Click2Gov breach? Why is this still happening?

Hays Post reports:

Authorities are investigating a data breach that may have affected hundreds of customers in Kansas.

On Friday, the City of Topeka was notified by their Utility Billing Payment System software vendor Central Square that the city had been a potential victim cyber-attack, according to a media release.

This potential data breach has not been confirmed at this time. 

Read more on Hays Post.  The city’s notification on their website follows:

City of Topeka Potential Victim of a Cyber-Attack
December 10, 2018 


On the afternoon of December 7th, the City of Topeka was notified by our Utility Billing Payment System software vendor Central Square that the City of Topeka has been a potential victim cyber-attack. This potential data breach has not been confirmed at this time. Central Square has turned over their information to a forensics investigator to confirm the potential breach of the City of Topeka Utility Billing Payment System. On Saturday, December 8th the City of Topeka Information Technology team went through the data breach system and did not see any malicious activity. As a potential victim of a cyber-attack, the City of Topeka wants to keep our costumers information safe and city Information Technology staff worked with the software vendor on December 7th to transition the current online Utility Billing Payment System to a more secure platform as advised by the software vendor. Local law enforcement and the FBI have been notified of the potential breach.


The City of Topeka is working with very limited information at this time regarding the potential cyber-attack. The data breach occurred between October 31st and December 7th. The data breach would affect any City of Topeka Utilities customer who made a one-time payment or set up autopay during this time. E-checks and customers who set up autopay before October 31st will not be affected. While this potential compromise has not been confirmed by a qualified forensic investigator yet, the City is strongly recommending, as a precautionary measure, customers who make credit card or debit card transactions using the online Utility Billing Payment System between October 31st and December 7th to contact their credit card issuer for advice related to the potential exposure of their credit card information.


As the potential victim of a cyber-attack, the City of Topeka has identified that up to 10,000 customers have been potentially impacted by the data breach. City of Topeka Utilities Department will be sending a letter to customers whose information has potentially been impacted.


Information on the potential breach will be on the City of Topeka website front page and updated as information becomes available. You can find more information on how to respond to a data breach at: https://www.ftc.gov/data-breach-resources

About the author: Dissent