Yet another report of a data breach involving Click2Gov software by Central Square Technology. Previous coverage of the publicly disclosed breaches from 2017, 2018, and 2019 are linked from here. Also see research reports by FireEye, Gemini Advisory, and RBS for additional background. The latest victim to come forward — at least the most...
Update: The original post below was published on October 19, 2019. On January 10, 2020, Port Orange said that they were first notified by CentralSquare on November 6. Yet they had reportedly suspended payment by October 19 to investigate. So why has it taken them so long to make this follow-up announcement? Spectrum News...
It’s been a rough year for municipalities, and it’s only likely to get worse. While we read more and more reports of school districts becoming victims of ransomware attacks that delayed school openings or caused school closings, we have also read numerous reports of municipal police and law enforcement sites being defaced, and other...
On February 25, Pasquotank-Camden Emergency Medical Service in North Carolina reported a breach to HHS that affected 20,420 patients. A notification sent to the Vermont Attorney General’s Office explained that sometime in late December, 2018, the county became aware of an unauthorized intrusion from outside of the U.S. Investigation revealed that the intruder was...
Wayne K. Roustan reports: A data breach at a company that handles the billing for municipal water service has Pompano Beach city officials working to minimize the potential damage. Hackers gained unauthorized access to credit or debit card data stored with software company CentralSquare and used for one-time online water bill payments made through...
From the county’s notice, which you can find in its entirety here: Hanover County was recently notified about potential unauthorized charges on credit cards used by customers to pay their utility bills via the website between August 1, 2018 and January 9, 2019. The County takes the security and protection of its customers’ confidential...
Shane Ross of CBC reports: Saint John has shut down its online system used to pay parking tickets after discovering a data breach that could have exposed customer names, addresses and credit card information. The city uses a third-party software product called Click2Gov from its service provider, CentralSquare Technologies, to provide customers with...
Jeff John Roberts reports on a new report and analysis by Gemini Advisory: Paying parking tickets or municipal water taxes is never fun—and it’s even worse when hackers have compromised your town’s payment system. Yet, that’s what happened in dozens of towns across the U.S. where cyber crooks have made off with the personal...
Hays Post reports: Authorities are investigating a data breach that may have affected hundreds of customers in Kansas. On Friday, the City of Topeka was notified by their Utility Billing Payment System software vendor Central Square that the city had been a potential victim cyber-attack, according to a media release. This potential data breach...
City of Norman, OK temporarily suspends utility payment portal; ditches Click2Gov after another potential security incident