SIOUX CITY, Iowa (KCAU) – The City of Sioux City said there was a data breach that could affect 3,563 of its customer accounts.
They said the breach happened in the City’s parking ticket system and utility billing system’s online payment portal, Click2Gov. The city said the portal is managed by a third-party vendor.
A release from the city said that they learned of the breach on December 16 from the third-party vendor saying they found had that payment card information had been copied during certain payment transactions.
After learning of the breach, the City investigated it with the help of third-party forensic investigators. Together they learned that name, address, payment card number, expiration date and CVV information entered into the Click2Gov site between August 26 and September 18 may have been copied.
Sioux City has identified those who may have been affected and are working with the third-party vendor to ensure the privacy for the Click2Gov website. The city also said that a different third-party vendor was engaged by the City to process its parking ticket system and utility billing system credit card payments as of September 18, 2019.
Anyone affected by the breach will be notified by letter during the week of December 30. The letter will explain more about the security incident, share what the City has done to address the incident and provide recommendations for protecting personal information.
Everyone is asked to monitor their financial statements and report any suspicious or unusual charges. Anyone with questions is asked to call 712-279-6132 Monday through Friday between the hours of 8 a.m. to 5 p.m. CT.
The City said they are reviewing security policies and procedures and that they are working with law enforcement regarding a possible criminal investigation.