Click2Gov is dealing with yet another data breach affecting thousands of users

Click2Gov has recently experienced yet another data breach affecting 300,000 people

Crooks have stolen around 300,000 credentials of Click2Gov clients.

Click2Gov, a widely used payment technology, was found to be dealing with yet another breach. Not so long ago, the vulnerabilities were found in St. Petersburg's Click2Gov payment app.^[1] This time, a cybersecurity organization called Gemini announced about the more serious attack which might have affected numerous people in the United States as the payment system got hacked in various U.S cities.

Around 46 cities felt the consequences of the enormous data breach. It is known that there were around 294,929 payment records stolen from various people who had been using the Click2Gov services. Furthermore, a report claims that the cybercriminals have been selling the stolen records on the Dark Web^[2] for $10 each and have already gained a surprising amount of income – around $1.7 million.^[3]

Credentials were exposed because of the vulnerability in the payment software

The cybercriminals gained the access to Click2Gov's servers holding all sensitive details because of the vulnerability in the payment software. Such information contained debit and credit card credentials which were widely exposed after the attack. The most widely affected cities appear to be:

• Texas;
• Saint Petersburg;
• Florida;
• California;
• Laredo;
• Topeco;
• etc.

Nevertheless, the cybercriminals managed to expose names, surnames, and passwords which, according to cybersecurity researchers, have also been put on the Dark Web for sale. Some resources say that the stolen credential information might be misused in the future for launching bot attacks having the purpose of illegally gaining access to other accounts on the Internet.

Gemini said that the Click2Gov organization has taken actions to patch the software in the affected cities and explained why did they let this data breach to emerge again:

Click2Gov has worked with many of the affected towns to patch the software, and that the breaches have arisen in part because of a lack of sophistication on the part of municipal IT workers.

Data exposure will not relate in money losses, however, banking cards need to be changed

Sadly, in some towns, the illegitimate activity might still be continuing as some cities still did not report about the vulnerabilities found to Click2Gov.^[4] However, some good news is that the data breach will not relate in any monetary losses for the Click2Gov users as there are specific actions taken whenever important data is stolen. Still, people will need to take out a new credit card as the older one's information has already been widely revealed.

Moreover, Gemini claimed that they have given the Federal Law Enforcement all details about the data breach and also informed CentralSquare Technologies (Superion), the organization that gives license to the Click2Gov software:^[5]

Gemini Advisory has provided all of the Click2Gov associated breach information to Federal Law Enforcement and is actively working to assist them in further investigation. Furthermore, we have contacted Superion, now known as CentralSquare technologies, and have shared our findings, including the list of affected cities, in order to assist them in victim notification.

However, CentralSquare technologies did not give any response to the comments that were made about the data breach attack. Cybersecurity researchers are hoping that all things will be taken care of properly very soon.