Supply chain
⛓ Supply Chain
The city of Charlottesville Third-Party Breach (November 2019)
Primary Source ↗Incident Details
Potential data breach found on Charlottesville tax collections. Charlottesville is investigating the possibility of a data breach related to its tax collections. CHARLOTTESVILLE, V.A. (WVIR) - The city of Charlottesville is investigating the possibility of a data breach. The city says a security flaw was found on a third party vendor’s online payment software for city tax collections. That payment portal is used by other localities.
Technical Details
- Initial Attack Vector
- Compromise of third-party service provider / vendor relationship
- Vendor / Product
- not disclosed
- Supply Chain Attack
- ✅ Confirmed third-party / vendor compromise
Timeline
- 2019-11-01 Breach occurred
- 2019-11-27 Publicly disclosed