A malicious form of computer code known as “malware” has been blamed for the security breach that shut down Oceanside’s online payment system in August, city officials said this week.
The cyber attack targeted the names, billing addresses and credit card information, including the card number, expiration date and security code, of the 40,000 customers who use the online system to pay their water, sewer and trash bills, city officials said.
City officials shut down the online payment system after learning of the breach on Aug. 14, and it will not be used again.
“We are going to a new software in October,” Jane McPherson, the city’s financial services director, said Tuesday. “It will be a completely different system.”
Letters were mailed this week to explain details of the breach to all the city’s utility customers. Much of the information, including contact information and precautions to take, has been posted on the city’s website at www.ci.oceanside.ca.us.
Other modes of payment remain available, including a separate online payment system that was not compromised, the “express utility payment” link on the city’s Online Payment Services webpage at www.ci.oceanside.ca.us/services/payment.asp. Customers also can pay online through their own banking system.
Many questions remain about the attack, McPherson said. When purchases are made online made using stolen identities, it’s often unclear who is responsible.
The city may never know who is responsible for the hack, she said, although the investigation is continuing.
More than 110 customers have reported their information was used…
click here to read more.