City of Dothan releases update on Dothan Utilities cyberattack


DOTHAN, Ala. (WDHN) — On November 6, 2019, the City of Dothan received notice from its third-party utility billing services vendor, CentralSquare Technologies (“CentralSquare”) of a potential data security issue within the online payment portal, Click2Gov, which is managed and operated by that vendor.

The notice indicated that alterations to Click2Gov’s applicable code could have enabled unauthorized access to certain payment card information from the customer’s internet browser window during a payment transaction.

On December 4, 2019, CentralSquare confirmed that the time period in which the payment transactions may have been affected is from August 26, 2019 through October 26, 2019. The City of Dothan contracted with the Law Firm of Mullen Coughlin, LLC in 2019 to assist the City with CentralSquare’s Click-2-Gov cyber incident.

The City of Dothan takes the confidentiality, privacy, and security of personal information very seriously and has strict security measures in place to protect information. After receiving notice, the City of Dothan worked to identify those individuals who may have made payments during this period.

The City of Dothan engaged with third-party forensic investigators to conduct an independent analysis of the Click-2-Gov application server. The investigation confirmed that that payment card information entered from August 26, 2019, through October 26, 2019, could have been affected by the CentralSquare incident.

The City of Dothan took steps to confirm and further strengthen the security of its systems and the City of Dothan is reviewing its security policies and procedures as part of its ongoing commitment to information security.

CentralSquare, on behalf of the City of Dothan, will be providing “Notice of Data Privacy Incident” letters to Dothan Utilities’ customers who may have been affected by the CentralSquare incident.

The letter explains what happened including the list of personal information that may have been subject to unauthorized access, explains what CentralSquare has done to ensure that further information does not become compromised, and addresses what steps the City of Dothan has taken to ensure cybersecurity within its portion of the on-line utility payment system.

The letters are being mailed out on January 9 and 10, 2020 to those potentially affected.

CentralSquare has set up a call-center that Dothan Utility customers can contact should they have questions. Twelve months of free credit monitoring service is also being offered by CentralSquare to Dothan Utility customers who may have been affected.

The City of Dothan will release additional information as it becomes available.

Copyright 2020 Nexstar Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

Trending Stories