DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Cucamonga Valley Water District discloses Click2Gov breach

Posted on December 6, 2019 by Dissent

From the Cucamonga Valley Water District website, a Dec. 4 notification:

Cucamonga Valley Water District (CVWD) was recently informed of a data breach of the Click2Gov web portal used by CVWD customers for one-time credit card payments. CVWD values its customers and respects the privacy of their information, which is why, as a precautionary measure, we are proactively letting affected customers know about a data security incident that may have involved their personal information.

Between August 26, 2019, and October 14, 2019, a server that is used to accept one-time credit card payments from customers was breached allowing unauthorized access. This server is maintained and operated by an outside vendor of CVWD, Central Square.

Upon becoming aware of the incident, Central Square investigated with the assistance of a leading cybersecurity firm. The investigation revealed the possibility that credit card payment information could have been collected. However, they were unable to find conclusive evidence that CVWD customer’s personal information was actually collected by any unauthorized party. Central Square has taken steps to remove the possibility of any further unauthorized access of the Click2Gov web payment portal.

This breach happened with an outside vendor, Central Square, which CVWD uses for customer payments. The relationship with this vendor and the vendor’s protocols are being re-evaluated by CVWD. As an added precaution, Central Square is offering to provide CVWD customers with a twelve-month subscription to a credit monitoring service offered through TransUnion. Customers identified as potentially having their data accessed will be receiving letters directly from CVWD with additional details. The breach does not affect all CVWD customers.

CVWD regrets this situation and any inconvenience or concern it may have caused our customers. CVWD is committed to providing quality service, including protecting our customer’s personal information, and we want to assure our customers that we have policies and procedures in place to protect your privacy.

For more information, please call Epiq at 855-930-0684 for assistance or CVWD’s Customer Service team at 855-654-2893.

Related posts:

  • Eight cities impacted in second wave of Click2Gov breaches – Gemini Advisory
  • North Texas Municipal Water District hit by ransomware attack
  • Madison Square Garden Company Alerts Customers of Payment Card Data Breach
  • St. Petersburg timeline on Click2Gov raises questions as to whether the vendor was proactive or not
Category: Government SectorMalwareSubcontractorU.S.

Post navigation

← IT vendor fined after data of 47,800 students, parents and staff of Singapore schools hacked
UK: NHS radiographer, 32, faces jail after illegally accessing more than 200 female patients’ personal records before hounding them for dates →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • National Health Care Fraud Takedown Results in 324 Defendants Charged in Connection with Over $14.6 Billion in Alleged Fraud
  • Swiss Health Foundation Radix Hit by Cyberattack Affecting Federal Data
  • Russian hackers get 7 and 5 years in prison for large-scale cyber attacks with ransomware, over 60 million euros in bitcoins seized
  • Bolton Walk-In Clinic patient data leak locked down (finally!)
  • 50 Customers of French Bank Hit by Insider SIM Swap Scam
  • Ontario health agency atHome ordered to inform 200,000 patients of March data breach
  • Fact-Checking Claims By Cybernews: The 16 Billion Record Data Breach That Wasn’t
  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.