Midwest City notifies residents of incident that affected numerous municipalities
Risk Based Security’s Inga Goddijn noticed a pattern of Click2Gov, a product of Superion Software, appearing in breach notification letters. The notifications came from cities across the United States, which reported both data breaches and the installation of cryptocurrency miners. Oxnard, Calif. was most recently breached; its incident occurred on May 25.
Further investigation by Superion showed the attackers didn’t break in through Click2Gov but through third-party software needed to use it: Oracle’s WebLogic application server.