US cities disclose data breaches after vendor's ransomware attack

silversurfer

Level 70
Verified
Trusted
Content Creator
Malware Hunter
Aug 17, 2014
5,984
A ransomware attack against the widely used payment processor ATFS has sparked data breach notifications from numerous cities and agencies within California and Washington.

Automatic Funds Transfer Services (AFTS) is used by many cities and agencies in Washington and other US states as a payment processor and address verification service. As the data is used for billing and verifying customers and residents is wide and varied, this attack could have a massive and widespread impact.

The attack occurred around February 3rd when a cybercrime gang known as 'Cuba ransomware' stole unencrypted files and deployed the ransomware. [...]

California Department of Motor Vehicles [Data Breach Notification]:

Automatic Funds Transfer Services, Inc. (AFTS) of Seattle was the victim of a ransomware attack in early February that may have compromised information provided to AFTS by the DMV, including the last 20 months of California vehicle registration records that contain names, addresses, license plate numbers and vehicle identification numbers (VIN). AFTS does not have access to DMV customers’ Social Security numbers, birthdates, voter registration, immigration status or driver’s license information, therefore this data was not compromised.

City of Kirkland, Washington [Data Breach Notification]:

The information stored in the AFTS databases is limited to data necessary to fulfill utility billing and payment processing of paper check payments.
At this time, we have no knowledge that any personal information belonging to any Kirkland utility customers has been accessed or misused. However, AFTS is currently conducting an investigation to determine what personal information might have been accessed by the ransomware actors, if any, and will inform Kirkland of that information when it becomes available. We can confirm that ATFS’ database does not contain any of our customers’ social security numbers, dates of birth, driver’s license numbers, state ID numbers or credit card numbers.

City of Lynnwood, Washington [Data Breach Notification]:

The City of Lynnwood contracts with AFTS to mail our printed utility statements to customers. Information that is included in the mailed statements includes the customer name, address, and utility account number. Lynnwood's information stored in the AFTS database is limited to data necessary to fulfill the printing and mailing of utility bills. Payment methods are processed by a different vendor who has not been impacted by this incident.

City of Monroe, Washington [Data Breach Notification]:

The information stored in the AFTS databases is limited to data necessary to fulfill utility billing and payment processing of paper check payments. Electronic payments are processed by a different vendor who is not impacted by the incident. Potentially breached information from the AFTS database may have included the following personal information: utility bill account number, name, address, and billing amounts. Additionally, for residents or businesses who pay their utility bills by mailing a paper check, scanned copies of their paper checks are also stored on the AFTS servers which include bank account and routing information. It is unknown at this time whether these scanned copies of checks have been illicitly extricated from the network. The databases do not contain social security numbers, birth dates, driver’s license numbers, state ID numbers or any other Personally Identifiable Information (PII). The databases do not contain any resident or commercial business credit card information.

City of Redmond, Washington [Data Breach Notification]:

Personal information may have been exposed including names and addresses of utility customers. The City of Redmond is working closely with AFTS to determine the extent of the breach and if any of the City’s information was compromised.

City of Seattle, Washington [Data Breach Notification]:

The City of Seattle has recently learned that a third-party utility billing vendor, Automatic Funds Transfer Services, Inc. (AFTS), which is used by a small number of City departments, was the victim of a ransomware attack. City departments use this vendor for commercial billing, printing, and mailing services.

Lakewood Water District [Data Breach Notification]:

The information stored in the AFTS databases is limited to data necessary to fulfill billing and payment processing of paper check payments. Electronic payments are processed by a different vendor who is not impacted by the incident. Breached information from the AFTS database may have included the following personal information: water bill account number, name, address, and billing amounts. Additionally, for residents or businesses who pay their utility bills by mailing a paper check, scanned copies of their paper checks are also stored on the AFTS servers which include bank account and routing information. It is unknown at this time whether these scanned copies of checks have been illicitly extricated from the network.

Port of Everett [Data Breach Notification]:

We have no indication Port of Everett’s customers information has been compromised, but we wanted to make you immediately aware of the risk of potential exposure of your personal and/or credit information as soon as possible.

As more cities, agencies, and organizations disclose data breaches, we will update the above list.
 
Top