Payment Card Breach Hits 8 Cities Using Vulnerable Bill Portal
Two years after a vulnerability in payment software used by municipalities across the United Sates resulted in a breach exposing the payment card details of hundreds of thousands of US citizens, threat actors have managed to attack the Click2Gov software one again.
In August of this year, attackers exploited another flaw in the software, which enabled them to obtain over 20,000 records from residents in Deerfield Beach, FL, Palm Bay, FL, Milton, FL, Coral Springs. FL, Bakersfield CA, Pocatello ID, Broken Arrow, OK, and Ames, IA. The compromised information is being sold on underground market places. A recent analysis by Gemini Advisory stated that “many of the affected towns were operating patched and up-to-date Click2Gov systems but were affected nonetheless.”