Carson City, Nevada

A group of residents who pay their water bill online in Carson City, their financial information was compromised due to a data breach.

The incident involved some personal information which was provided to a Carson City vendor in connection with a utility payment.

An unauthorized code was inserted into the online payment system which was developed by a third-party vendor called CentralSquare Technologies.

The information involved in the data breach includes residents' names, addresses, email addresses, payment card numbers, expiration dates, card security code (CVV) information, bank account numbers, and routing numbers.

Source: https://carsonnow.org/story/02/11/2020/financial-information-compromised-carson-city-residents-who-pay-water-bill-online

TPRM report: https://scoringcyber.rankiteo.com/company/carson-city

"id": "car2041201222",
"linkid": "carson-city",
"type": "Breach",
"date": "02/2020",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"

{'affected_entities': [{'industry': 'Public Utilities',
                        'location': 'Carson City',
                        'name': 'Carson City',
                        'type': 'Government'}],
 'attack_vector': 'Unauthorized code insertion',
 'data_breach': {'personally_identifiable_information': ['Names',
                                                         'Addresses',
                                                         'Email addresses'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal information',
                                              'Financial information']},
 'description': 'A data breach compromised the financial information of '
                'residents who pay their water bill online in Carson City. The '
                'incident involved personal information provided to a Carson '
                'City vendor in connection with a utility payment. An '
                'unauthorized code was inserted into the online payment system '
                'developed by a third-party vendor called CentralSquare '
                "Technologies. The compromised information includes residents' "
                'names, addresses, email addresses, payment card numbers, '
                'expiration dates, card security code (CVV) information, bank '
                'account numbers, and routing numbers.',
 'impact': {'data_compromised': ['Names',
                                 'Addresses',
                                 'Email addresses',
                                 'Payment card numbers',
                                 'Expiration dates',
                                 'Card security code (CVV) information',
                                 'Bank account numbers',
                                 'Routing numbers'],
            'payment_information_risk': 'High',
            'systems_affected': ['Online payment system']},
 'initial_access_broker': {'entry_point': 'Online payment system'},
 'post_incident_analysis': {'root_causes': 'Unauthorized code insertion'},
 'title': 'Data Breach at Carson City Online Payment System',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Online payment system'}