Update: The original post below was published on October 19, 2019. On January 10, 2020, Port Orange said that they were first notified by CentralSquare on November 6. Yet they had reportedly suspended payment by October 19 to investigate. So why has it taken them so long to make this follow-up announcement?
Spectrum News reports that Click2Gov software by CentralSquare Technologies may still pose a risk to municipal governments that use it to allow residents to pay bills.
In a press release, city officials said the company that develops its payment system for utilities billing and taxes, Click2Gov, informed them they wanted to investigate “an unconfirmed software issue that may have resulted in vulnerabilities.”
Read more on Spectrum News.
What is going on? Initially, it sounded like it was only software installations that were locally run and that may not have been updated or patched. But now it seems like there may be another explanation. And if that’s the case, have all governments using the software been notified or alerted?
You can find previous coverage on Click2Gov breaches here. There have also been reports by RiskBasedSecurity, FireEye, and Gemini Advisory, who recently reported on a second wave of breaches.