DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Cucamonga Valley Water District discloses Click2Gov breach

Posted on December 6, 2019 by Dissent

From the Cucamonga Valley Water District website, a Dec. 4 notification:

Cucamonga Valley Water District (CVWD) was recently informed of a data breach of the Click2Gov web portal used by CVWD customers for one-time credit card payments. CVWD values its customers and respects the privacy of their information, which is why, as a precautionary measure, we are proactively letting affected customers know about a data security incident that may have involved their personal information.

Between August 26, 2019, and October 14, 2019, a server that is used to accept one-time credit card payments from customers was breached allowing unauthorized access. This server is maintained and operated by an outside vendor of CVWD, Central Square.

Upon becoming aware of the incident, Central Square investigated with the assistance of a leading cybersecurity firm. The investigation revealed the possibility that credit card payment information could have been collected. However, they were unable to find conclusive evidence that CVWD customer’s personal information was actually collected by any unauthorized party. Central Square has taken steps to remove the possibility of any further unauthorized access of the Click2Gov web payment portal.

This breach happened with an outside vendor, Central Square, which CVWD uses for customer payments. The relationship with this vendor and the vendor’s protocols are being re-evaluated by CVWD. As an added precaution, Central Square is offering to provide CVWD customers with a twelve-month subscription to a credit monitoring service offered through TransUnion. Customers identified as potentially having their data accessed will be receiving letters directly from CVWD with additional details. The breach does not affect all CVWD customers.

CVWD regrets this situation and any inconvenience or concern it may have caused our customers. CVWD is committed to providing quality service, including protecting our customer’s personal information, and we want to assure our customers that we have policies and procedures in place to protect your privacy.

For more information, please call Epiq at 855-930-0684 for assistance or CVWD’s Customer Service team at 855-654-2893.

No related posts.

Category: Government SectorMalwareSubcontractorU.S.

Post navigation

← IT vendor fined after data of 47,800 students, parents and staff of Singapore schools hacked
UK: NHS radiographer, 32, faces jail after illegally accessing more than 200 female patients’ personal records before hounding them for dates →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • India’s Max Financial says hacker accessed customer data from its insurance unit
  • Brazil’s central bank service provider hacked, $140M stolen
  • Iranian and Pro-Regime Cyberattacks Against Americans (2011-Present)
  • Nigerian National Pleads Guilty to International Fraud Scheme that Defrauded Elderly U.S. Victims
  • Nova Scotia Power Data Breach Exposed Information of 280,000 Customers
  • No need to hack when it’s leaking: Brandt Kettwick Defense edition
  • SK Telecom to be fined for late data breach report, ordered to waive cancellation fees, criminal investigation into them launched
  • Louis Vuitton Korea suffers cyberattack as customer data leaked
  • Hunters International to provide free decryptors for all victims as they shut down (2)
  • SEC and SolarWinds Seek Settlement in Securities Fraud Case

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • German court awards Facebook user €5,000 for data protection violations
  • Record-Breaking $1.55M CCPA Settlement Against Health Information Website Publisher
  • Ninth Circuit Reviews Website Tracking Class Actions and the Reach of California’s Privacy Law
  • US healthcare offshoring: Navigating patient data privacy laws and regulations
  • Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
  • Google Trackers: What You Can Actually Escape And What You Can’t
  • Oregon Amends Its Comprehensive Privacy Statute

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.