Another city has come forward with information regarding the ongoing vulnerabilities with online utility payment provider Click2Gov. Unfortunately, this one comes with an added wrinkle. The city of Marietta, GA and the FBI have reason to believe data found on the dark web is linked with recent utility customer online transactions. While data is believed to have been stolen from all previously disclosed affected entities – a quick Google search for “Click2Gov breach” yields information on many previous disclosures –  this is the first entity to publicly identify potentially related data being offered for sale in the underground cybercrime market. According to reports, it is important to note that only manually entered transactions were at risk from being stolen. The auto pay system presumably did not suffer from the same vulnerabilities. This incident is a continued reminder of the importance of carefully managing risks posed from third-party service providers. Members utilizing Click2Gov are highly encouraged to independently assess your systems for potential compromise. Likewise, to help WaterISAC more effectively track the impact from the Click2Gov breach, we encourage any water or wastewater utility (member or non-member) to complete a confidential incident report or contact WaterISAC at [email protected] or (866) H20-ISAC. Read the post at Marietta Daily Journal

Previous (non-exhaustive) reports on Click2Gov can be found on the WaterISAC portal:

• Click2Gov – The Breach that Keeps on Breaching: More Utilities Impacted by Click2Gov Breach (including at least one WaterISAC member)
• Threat Update – Government and Utility Payment Portal Click2Gov Targeted Again
• Government and Utility Payment Portal Click2Gov Breaches More Widespread than Initially Thought
• Cyber Threat Actors Targeting Local Government Payment Portals, Including for Utilities