Click2Gov data breach affected thousands of customers
Technological advancements continue to create a friction-less lifestyle in all aspects ranging from the digital workplace to personalized customer experiences. Twenty-five years ago, making cash withdrawal, depositing a paycheck, paying bills meant taking a trip to your bank or service centers, interact with concerned people.
This is not all! Lack of online presence also involved a lot of paper clutter, account management, & other cumbersome tasks that caused a lot of inconvenience.
Online existence of businesses and services has made our lives a piece of cake. It is deemed as a useful lifestyle innovation. From customer experience standpoint, technologies such as online banking, online bill payment, online travel booking, and flight check-ins reflect an appetite for smoother, instant processes. Online transactions remove almost all inconveniences along the customer journey & provide a stellar customer experience.
Technology has enlightened lives in general, but, as we know, every boon has a bane; technology is no exception to this universal fact. Financial corp-orates and state organizations have become serious targets by malicious actors during the recent years.
Data breach involving Click2Gov website in the city of St. Petersburg, a second largest city in Russia is a recent example to support this allegation.
More insights on Click2Gov data breach
Click2Gov is a web-based, interactive self-service bill-pay software solution developed by Superion, a leading provider of software and services to public sector headquartered at Florida, United States.
A suspicious activity was confirmed in St. Petersburg’s payment app Click2Gov that compromised the data of thousands of customers. This app was particularly used by people to pay their bills like electricity, water, etc, parking tickets, and make other payments.
Vulnerability in Superion’s Click2Gov function in the payment server was leveraged by threat actors to expose the payment information of its customers. The exposed data includes Credit card information and other banking details.
Who are affected by the data breach?
People who used Click2Gov online service between August 11 and September 25 to pay their utility bills, business licenses, parking tickets, building permits, and civil citations were affected by the data breach.
Those who chose other modes of payments like phone system, E-check or a different system remain safe.
Measures taken by the government to fix the issue
Click2Gov was immediately shut down to prevent unauthorized access when the third party software program informed the city about the malicious software found in the server.
A new system was soon configured to bring the city back to normal operation.
Security patches have been applied and additional analyses are going on to make sure that the system is vulnerability-free
Customers who used the site between August 11 and September 25 are required to change their banking credentials & monitor their bank transaction for any suspicious activity.
Other incidents involving Click2Gov Data breach
Click2Gov payment platform has been continuously reported as unsafe.
Customers in at least eighteen cities of the United States including California, Oklahoma, Texas, Arizona and Wisconsin and Florida have been affected by the breach so far. All the incidents hackers managed to take over people’s credit card numbers, dates of expiration, verification codes and other personal information.