Unauthorized access of a server used to process payments for a San Bernardino County, Calif., water utility may have exposed some customers’ billing information to theft, authorities disclosed last week.
(TNS) — Unauthorized access of a server used to process payments for a San Bernardino County, Calif., water utility may have exposed some customers’ billing information to theft, authorities disclosed last week.
Central Square, an outside vendor for the Cucamonga Valley Water District, reported that a server handling one-time credit card transactions for the utility had been breached between Aug. 26 and Oct. 14, CVWD officials said Dec. 4 in a post on the utility website.
Investigators did not immediately find conclusive evidence of data theft, but it is possible that some payment details may have been taken.
The vendor has enlisted a cybersecurity firm to investigate the matter and taken steps to prevent further unauthorized access of the Click2Gov web payment portal used by CVWD and other utility customers, said the post.
The district’s relationship with Central Square and that firm’s security protocols were placed under evaluation following reports of the data breach.
CVWD serves customers in Rancho Cucamonga, Upland, Fontana and Ontario. The incident did not affect every customer, the utility said. Those whose personal information may have been compromised will receive letters directly from the district.
Central Square is also offering a 12-month subscription to a credit monitoring service, TransUnion, to potential victims. Customers seeking additional information may contact the district’s customer service team at 855-654-2893, or an outside firm, Epiq, at 855-930-0684.
Further details regarding what led up to the breach and any suspects who might have been responsible were not immediately released.
©2019 the Inland Valley Daily Bulletin (Ontario, Calif.). Distributed by Tribune Content Agency, LLC.