The payment information of tens of thousands of local government customers across the country were exposed after hackers leveraged a vulnerability in Superion's Click2Gov function in the payment server used for online utilities payments.
The breach, so far, has affected customers in at least nine municipalities spanning in California, Oklahoma, Texas, Arizona and Wisconsin and Florida. The breach is yet another example of cybercriminals attacking the local hanging fruit that many local governments with a lack of resources and proper security measures.
Black hat hackers have been increasing their attacks on local governments with Atlanta being one of the latest victims of an attack that costs the city millions of dollars, NuData Vice President of Customer Success Ryan Wilk said.
“In this case, malicious actors are leveraging a vulnerability in Superion's Click2Gov function,” Wilk said. “Vulnerabilities in software are a hidden trap door that is hard to detect until it has been exploited.”
To combat these threats, government agencies need to borrow from the private sector, specifically in retail and financial service sectors, where firms are leveraging multilayer security solutions that include passive biometrics and behavioral analytics, he said.
This allows entities to thwart these sort of attacks before they can cause damage to customers and companies. Customers should check their accounts and report unauthorized charges.