SECURITY
SECURITY
SECURITY
Payment card records stolen in latest attack targeting municipal payments system
About 20,000 payment card records from eight cities across the U.S. have been compromised through a breach of Click2Gov, a popular municipal payments system last compromised in 2018.
Discovered by security researchers at Gemini Advisory LLC, which revealed the details late last week, the breach involved some of the same cities compromised the last time: Pocatello, Idaho, and Broken Arrow, Oklahoma. Also breached were Deerfield Beach, Palm Bay, Milton and Coral Springs, all in Florida; Bakersfield, California; and Ames, Iowa.
The fact that some cities were attacked again indicates that despite patches, the software remains vulnerable. The breaches were uncovered only when the researchers discovered the records offered for sale of the dark web, a shady part of the internet reachable only through special software.
CentralSquare Technologies Inc., the company behind Click2Gov, responded to the report, saying in a statement that it recently received reports of the breach. “We have immediately conducted an extensive forensic analysis and contacted each and every customer that uses this specific software and are working diligently with them to keep their systems updated and protected,” the company said.
That statement implies that some of the installations had not been patched and updated, but the Gemini researchers said that they believed those behind the latest hacks have either uncovered new vulnerabilities or may have maintained access to affected systems from the original attack.
Notably, the first compromise of Click2Gov was traced back to Oracle’s WebLogic application server, outside software required to run Click2Gov and the path used by hackers to access the systems. It’s unclear whether the path was the same this time around.
Ben Goodman, vice president of global strategy and innovation at identity and access management firm ForgeRock Inc., told SiliconANGLE Sunday that the new incidents prove the portals’ system is still vulnerable.
“Following this breach, users should regularly check their payment-card statements for any abnormal activity over the next several weeks,” Goodman advised. “Click2Gov and similar self-service billing and payment applications should employ security strategies and tools that support real-time, contextual and continuous security that detects unusual behavior and prompts further identity verifications, such as multi-factor authentication.”
Image: Max Pixel
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
