Officials in Medford, Ore., are notifying online billing system users that the municipality’s Click2Gov system was breached, potentially affecting 1,842 customers, according to local media reports.

Medford, which uses Superion’s Click2Gov system, is one of a number of cities across the U.S. that recently discovered their systems had been compromised. Wellington, Fla., for example, is one of the cities hit by the breach, which is believed to have affected municipalities in California, Texas, Arizona and Wisconsin, the Palm Beach Post reports.  The city of Medford discovered on June 5 that cyberattackers used malware to pilfer credit and debit card information, cardholder names, expiration dates and CVV codes of users who paid for city utilities, permits and business licenses between Feb. 18 and March 14, 2018, and between March 29 and April 16, 2018.

Medford officials shut off the online payment server after the breach discovery and found a vulnerability in Superion’s Click2Gov function, the report notes. Superion, however, says that all the affected servers were hosted by the city governments and not the company, which has offered technology solutions to keep them secure, the Palm Beach Post reported.

The city of Medford has more than 30,000 customers that use its Click2Gov online payment system, according to KDRV.com.