Bend, OR-- A software company hired by the City of Bend has failed to secure the credit card and debit card information of more than 5,000 customers. Central Square, a third party vendor used to manage payments and bills was hacked by a Malware code inserted into the Click2Gov software.
According to the Chief Innovation Officer for the city, Stephanie Betteridge, the security issue will only potentialy affect customers who enrolled in auto-pay or made a one time payment between August 30th and October 14th of 2019. Auto-pay customers who enrolled before or after that were not affected. According to Betteridge, stolen customer data could include the cardholder’s name, card billing address, card number, card type, card security code and expiration data. Social security numbers and government-issued ID numbers were not affected.
Betteridge said the city will contact residents who are vulnerable to potential fraud by snail mail. When asked if there were other security issues to be concerned about Betteridge said, "This was do to a vulnerability of the Click2Gov software system, it's not the result of a vulnerability of the city's infrastrucre systems or security."
The city has set up a call center to field questions. You can reach them at 844-987-1209 from 8:00AM to 5:00PM Pacific.