At least one Water and Power Authority customer got bogus charges on their credit card bill after a cyber attack on the company WAPA uses to process the cards, so those who pay online should keep an eye on their bills.
Oct. 18, after a customer reported fraudulent activity on their credit card account following an online payment, WAPA notified its vendor, Central Square Technologies, about the possibility of a data compromise.
Central Square Technologies which has processed WAPA’s online payments for more than a decade without incident, later confirmed the breach, and WAPA says it has taken steps to prevent reoccurrence. WAPA has a meeting with Central Square Technologies on Wednesday and will provide additional updates. The vendor is in the midst of an investigation on the scope, cause, and remediation of the data breach involving WAPA’s online payment methods.
WAPA Executive Director Lawrence J. Kupfer said Tuesday night that as a precaution, WAPA provisioned new servers to avoid reoccurrence. ”WAPA is working with Central Square Technologies to determine the number of customers affected, and the dates that the compromise occurred. Payments made by two other options, self-service kiosks, and pay-by-phone were not affected,” Kupfer said. He encouraged customers to monitor credit card statements for potentially fraudulent activity.
“Any suspicious charges should be reported to your bank or credit card provider immediately. Additionally, WAPA offers several payment options for our customers who wish to use a different payment method,” he said in a statement.