A data breach of an third-party online payment system has compromised the personal information of Hanover County, Virginia, residents.
In an official online notification, county officials have disclosed that an unauthorized party stole credit card information processed by the Click2Gov payment portal between Aug. 1, 2018 and Jan. 9, 2019. Exposed information includes customer names, credit card numbers and expiration dates.
A product of CentralSquare Technologies, Click2Gov is a portal used by government entities to accept payments for permits, licenses, fines and utilities.
In response to the incident, the county “isolated the Click2Gov system from public access to try to find what information had been compromised and whether the County’s system was still vulnerable,” the notification states. Additionally, “The county has been working with MS-ISAC and CERT, outside agencies that deal with information breaches, to complete a full forensic analysis of what occurred. The county is also working with the software company and has built a new Click2Gov server using different software than the program that was involved in the original breach.”
According to the notification, Hanover County officials first learned of the breach from Gemini Advisory, a group that monitors Internet websites for exposed credit card information.
Back in October 2017, software company Superion, which ran Click2Gov before CentralSquare later acquired it, disclosed a major data breach that affected tens of thousands of local government customers across the country. Considering the announced timeline of the Hanover County breach, the two incidents do not appear to be related in any way.
“Throughout last year and this year, we have diligently kept our customers informed while working with them to keep their local premise systems updated and protected,” said CentralSquare Technologies in comments supplied to SC Media. “It is important to note that these security issues have taken place only in local on-premise environments in certain towns and cities. Additionally, our customers have been contacted directly by email and phone on an ongoing basis. We continually work with each client to help identify risk, while working with them to apply the latest patches and updates available for these systems, including patches for the third-party software that contributed to the issue..”
“For security and confidentiality reasons, we cannot disclose any information about our customers, their environments or their security, nor are we in a position to comment on any investigations,” the statement continued. “Meanwhile, we continue our efforts in helping our customers to swiftly resolve this matter.”