Cyber Incident Victim: Greenville Water System
Date:
Jan 2020
Location:
United States of America
Summary
A cyber-attack disrupted a US water utility's phone and online payment systems for nearly a week, affecting approximately 500,000 customers. While the origin and perpetrators remained unidentified, the organization confirmed no compromise of customer credit card data or water treatment safety. Immediate security enhancements were implemented alongside an ongoing investigation. Full restoration of payment services occurred within days, with assurances that late payments due to the outage would not incur penalties or service interruptions.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On January 22, 2020, Greenville Water experienced a cyber-attack that disrupted its phone and online payment systems, initiating a network outage affecting approximately 500,000 customers across South Carolina. The utility’s payment infrastructure remained offline for nearly a week, preventing customers from processing transactions through digital or telephonic channels. While the exact nature and origin of the attack were not disclosed, Greenville Water spokesperson Emerald Clark confirmed the incident triggered immediate operational disruptions but emphasized it did not compromise water safety or delivery systems. CEO David Bereskin stated he was "fairly certain" no utility data had been breached, a position reinforced by Clark’s clarification that the company did not store customer credit card information. Greenville County government affairs coordinator Bob Mihalic declined to comment on specifics but noted the county employed multiple cybersecurity protections for infrastructure. By January 24, Greenville Water had engaged experts to investigate the attack’s origin and implement reinforced security measures to mitigate potential impacts.
The utility restored its online payment system by the afternoon of January 27, followed by the phone payment system’s reactivation the next day. Greenville Water assured customers that late payments resulting from the outage would not incur penalties or service interruptions, prioritizing customer experience recovery. A public statement confirmed the full restoration of operational systems while the investigation continued, with commitments to share additional details as they became available. No evidence emerged linking the incident to data exfiltration or manipulation of water treatment processes. The company maintained transparency through its website updates but did not disclose technical specifics of the attack vector, threat actor attribution, or forensic findings. Business continuity measures ensured billing and service operations resumed without further disruption.