Click2Gov Breach (8 American Cities Affected)

8 American Cities were affected by this breach. Click2Gov is a popular software solution used by local governments for receiving parking tickets or taxes. The software was developed by Superion. It’s a popular municipality payment software.

Gemini said it had found at least 46 compromised U.S. locations and one in Canada, some of those compromises as recent as this past month, adding that, “As of this writing 294,929 payment records were compromised, earning criminals at least $1.7 million.” Researchers with Gemini Advisory warned in a new advisory that starting in August 2019, over 20,000 records from eight cities in five different states have been offered for sale online via illicit markets. So far the impacted towns include: Deerfield Beach, Fla., Palm Bay, Fla., Milton, Fla., Coral Springs. Fla., Bakersfield Calif., Pocatello Ida., Broken Arrow, Okla. and Ames, Iowa.

Why It Happened ?

The hack targets a flaw in Click2Gov software, which is used in self-service bill-paying portals used by utilities and community development organizations for things such as paying parking tickets online. The flaw was first discovered in December 2018 after continual breaches of it led to the compromise of at least 294,929 payment cards across the country.
 

References

https://www.forbes.com/sites/taylorarmerding/2018/12/21/click2gov-breaches-show-the-power-of-zero-days/#32752b3f7e2e

​https://threatpost.com/payment-card-breach-hits-8-cities-using-vulnerable-bill-portal/148521/

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *

ten + 11 =