City’s Water Payment Data Breach May Be the Work of Cryptocurrency Pirates

SAN ANGELO, TX — San Angelo residents who pay their water bills online using a credit or debit card have a new worry; cryptojacking.  

According to statescoop.com, hackers using cryptocurrency mining software are to blame for the breaches of dozens of cities who use Click2Gov to process online credit card payments.  And that Click2Gov has known about the breach for at least a year with dozens of cities affected.

Cryptocurrency is a complex online virtual currency system. 

“But possibly exposing residents' personal information is not the only headache Click2Gov customers have experienced. After discovering a breach on June 6, (the City of Wellington, FL’s) chief information officer, William Silliman, told the village’s leaders the incident actually began as an attempt by hackers to surreptitiously install cryptocurrency-mining software on municipal computers, a tactic called cryptojacking that has grown in popularity among hackers in recent months. The mining operation morphed into an effort to steal credit card numbers, and ultimately Wellington concluded that payments for water bills between July 2017 and February 2018 may have been compromised.”

Researchers say that as many as 6,000 installations of the Click2Gov software can be linked to governments around the country that are still likely vulnerable to cyberattacks.  Apparently, that includes the City of San Angelo.

Other cities that have reported data breaches related to Click2Gov include Goodyear, Arizona; Thousand Oaks, California; Fond du Lac, Wisconsin; and Beaumont, Texas. In every case, the incidents led to those communities shutting down their utility payment websites and notifying hundreds or thousands of residents that their credit-card information might have been nabbed.

Superion, the Florida software company that publishes Click2Gov, told StateScoop some of its clients started noticing suspicious activity last year, and that it “took proactive steps” to notify customers starting in September. “The company also said it hired a forensic investigator to determine the source of the data breaches.” Superion spokeswoman Carol Matthieu said.

Matthieu said Superion is continuing to help its customers patch their systems, but it’s unclear how many more cities will run into problems with the company’s software. Inga Goddijn, Risk Based Security’s executive vice president wrote that Risk Based Security’s investigation concluded that multiple releases of Click2Gov have been installed anywhere between 600 and 6,000 times, suggesting that more breaches are inevitable. Superion declined to share information about its customers.

As we reported earlier, the City of San Angelo has temporarily shut down its online water utility bill payment system.