City officials said that customers who used its website from July 30 to Sept. 12 may be affected by the breach. However, as of Wednesday, no one has reported any suspicious activity to the city.
According to Ames' information technology manager, Dorrance Smith, the data taken includes encrypted credit or debit card numbers, first and last names, addresses and email addresses. He said the breach only affected those who paid a parking ticket online, and no other payment systems were compromised
"We are encouraging people who may be affected to turn on notifications to their bank accounts, and to monitor their accounts frequently," Smith said.
The city was notified on Sept. 12 of the breach by Central Square, the vendor that runs Click2Gov for online payments. They immediately shut down their servers and set up new ones.
Smith said a number of municipalities have been compromised all over the country, and Ames was just one of the victims.
A previous breach occurred in November 2018, which affected 4,600 customers who made a payment through Ames' Click2Gov server, which is troubling to Smith.
"It'd be irresponsible and unethical of me to not consider other options moving forward," he said.
Beginning on Oct. 11, the city is moving its data onto Central Square's cloud server instead of Clicks2Go. The breach had no affect on Central Square's cloud system and talks of the transition began prior to the breach being discovered, Smith said.
©2019 the Ames Tribune, Iowa. Distributed by Tribune Content Agency, LLC.
