FORT WORTH, Texas - A security breach at the Fort Worth Water Department is affecting 3,000 customers.
The breach affects customers who made online payments between Aug. 27 and Oct. 23.
Credit cardholders’ names, billing addresses, credit card numbers and security codes were stolen by a software code.
Water department spokesperson Mary Gugliuzza says a letter was sent to anyone who entered a credit card number to pay a water bill online between the affected dates.
The letter explains that “an unauthorized party had inserted unauthorized code into Fort worth’s online payment system.” That system uses a software called Click2Gov, which is developed and managed by a third-party vendor called CentralSquare Technologies. The breach happened as information was transferring from the city’s system to CentralSquare’s cloud system.
“We were notified I believe in early November that there might be an issue,” she said.
But Gugliuzza says the extent of the breach wasn’t clear until now. She assures customers who paid by phone, in person or through automatic bank draft were not affected.
The water department has been using Click2Gov software since 2002 when the city switched over to online payments.
“We’re not the only municipality using this software that’s been impacted,” Gugliuzza said. “They have other customers that have also been impacted by security incidents.”
And while Fort Worth hadn’t been hacked before, Gugliuzza says the city was already planning to switch from using Click2Gov software to another vendor in March.
“We do think the vendor we’re going to’s system will be better for us in this respect,” she said. “They have more security.”
Gugliuzza says affected customers should expect a second letter from CentralSquare offering them a year of credit monitoring free of charge.