[BreachExchange] Oxnard city officials investigate data breach

Inga Goddijn inga at riskbasedsecurity.com
Thu May 31 09:40:38 EDT 2018


Oxnard city officials learned of a data breach last week that may have
affected the personal data of utility customers in the city.

On Friday, the city was contacted by a bank representative about fraudulent
purchases being made with the cards people used to pay their utility bills
using the city’s Click2Gov (Superion) online payment system.

The issue was reported to law enforcement and the software vendor, which
used a third-party forensic firm to conduct an investigation. The vendor
later told the city a vulnerability in the software allowed an unauthorized
person to access the computer used to process the credit card transactions.
After two rounds of security patches, the city notified customers of the
potential breach.

Customers believed to be possibly affected by the data breach are those who
used the Click2Gov payment system to pay their Oxnard utility bill between
Saturday and Tuesday. Those who paid their bills over the phone during that
time are unaffected by the breach because it is a separate software system.

Customers are asked to review their payment card account statements for any
unauthorized charges and to immediately report any to the card issuer.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20180531/ee1431d6/attachment.html>

More information about the BreachExchange mailing list