From the Cucamonga Valley Water District website, a Dec. 4 notification:
Cucamonga Valley Water District (CVWD) was recently informed of a data breach of the Click2Gov web portal used by CVWD customers for one-time credit card payments. CVWD values its customers and respects the privacy of their information, which is why, as a precautionary measure, we are proactively letting affected customers know about a data security incident that may have involved their personal information.
Between August 26, 2019, and October 14, 2019, a server that is used to accept one-time credit card payments from customers was breached allowing unauthorized access. This server is maintained and operated by an outside vendor of CVWD, Central Square.
Upon becoming aware of the incident, Central Square investigated with the assistance of a leading cybersecurity firm. The investigation revealed the possibility that credit card payment information could have been collected. However, they were unable to find conclusive evidence that CVWD customer’s personal information was actually collected by any unauthorized party. Central Square has taken steps to remove the possibility of any further unauthorized access of the Click2Gov web payment portal.
This breach happened with an outside vendor, Central Square, which CVWD uses for customer payments. The relationship with this vendor and the vendor’s protocols are being re-evaluated by CVWD. As an added precaution, Central Square is offering to provide CVWD customers with a twelve-month subscription to a credit monitoring service offered through TransUnion. Customers identified as potentially having their data accessed will be receiving letters directly from CVWD with additional details. The breach does not affect all CVWD customers.
CVWD regrets this situation and any inconvenience or concern it may have caused our customers. CVWD is committed to providing quality service, including protecting our customer’s personal information, and we want to assure our customers that we have policies and procedures in place to protect your privacy.
For more information, please call Epiq at 855-930-0684 for assistance or CVWD’s Customer Service team at 855-654-2893.