BreachExchange mailing list archives
City of Bakersfield announces data breach from hacked Click2Gov system
From: Destry Winant <destry () riskbasedsecurity com>
Date: Wed, 14 Nov 2018 02:00:01 -0600
https://www.bakersfield.com/news/city-of-bakersfield-announces-data-breach-from-hacked-click-gov/article_753d61ba-e6d3-11e8-a527-8316ecef574f.html The city of Bakersfield has reported that a “cyber-security incident” may have compromised the personal and financial information of those who used the city’s Click2Gov online payment processor. In a news release sent this afternoon, the city said it was notified that payment cards used legitimately through Click2Gov were later detected to have been used in fraudulent activity. “Safeguarding financial information is the city’s highest priority. The city takes cyber-security very seriously and works daily to ensure all online systems are secured to the highest extent possible,” the city said in a statement. The city investigated the initial report and discovered an unauthorized party had inserted a code into the Click2Gov system, which was developed by the third-party vendor CentralSquare Technologies and used by the city to process payments for building permits, utility bills and other activities. The city said the code was designed to capture payment card data and other information entered through Click2Gov between Aug. 11 and Oct. 1. A total of 2,400 user accounts may have been affected, the city said in its statement. The information taken includes name, address, email address, payment card number, expiration date and security code. The city has since removed the code from the Click2Gov system. “The city regrets any inconvenience or concern this incident may have caused,” the city’s statement read. Other municipalities appear to have also experienced similar data breaches. News organizations have reported on Click2Gov hacks that took place during the past year in Tyler, Texas, St. Petersburg, Florida, and Oxnard, among others. The city has sent letters have to those potentially effected by the breach. The letters include further steps individuals can take to protect their information online. The city has also implemented enhanced security measures to protect data, and has notified regulatory and law enforcement bodies across multiple jurisdictions. More information can be found at www.bakersfieldcity.us/click2govnotice. Those with receive a notice from the city and have more questions may call 888-278-8028. _______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- City of Bakersfield announces data breach from hacked Click2Gov system Destry Winant (Nov 14)