City of Broken Arrow, Deerfield Beach, Palm Bay, Milton, Bakersfield, Coral Springs, Pocatello, Ames online payment system Third-Party Breach (September 2019)

📅 2019-09-01 🏢 Click2Gov

Incident Details

Possible data breach of City of Broken Arrow online payment system. The City of Broken Arrow released a statement Thursday after the city’s online payment system became unavailable. The city says the site was made unavailable after it became aware of a possible data breach involving a third-party payment software system. Their statement is below:The City of Broken Arrow takes cyber-security very seriously. TULSA, Okla. (KTUL) — The City of Broken Arrow released a statement Thursday after the city’s online payment system became unavailable. Third-party company: Click2Gov.

Technical Details

Initial Attack Vector: Compromise of third-party service provider / vendor relationship
Vendor / Product: Click2Gov
Supply Chain Attack: ✅ Confirmed third-party / vendor compromise

Timeline

2019-09-01 Breach occurred
2019-09-26 Publicly disclosed