Cyber Incident Victim: City of Topeka
Date:
Oct 2018
Location:
United States of America
Summary
A third-party payment vendor servicing the City of Topeka experienced a multi-week breach potentially exposing personal information of approximately 10,000 utility customers who made one-time payments or enrolled in autopay during the incident period. The vendor, Central Square, notified the city of the breach, prompting an investigation with forensic experts and migration to a new payment platform. While confirmation of data compromise remained unclear, the city proactively notified potentially impacted residents; customers who established autopay or e-check arrangements prior to the incident timeframe were unaffected.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On December 7, 2018, the City of Topeka was notified by its third-party payment vendor, Central Square, of a data breach affecting the city’s billing payment system. The breach occurred over a 38-day period between October 31 and December 7, 2018, potentially exposing personal information of approximately 10,000 Topeka utilities customers. Central Square managed the compromised system that processed payments for city services. The incident specifically impacted residents who made one-time payments or established new autopay arrangements during the breach window. Customers who had configured e-check or autopay services prior to October 31 were unaffected. Forensic experts were engaged to investigate the incident, though officials stated it remained unclear whether attackers had successfully exfiltrated or misused any data.
In response, Topeka officials coordinated with Central Square to migrate payment processing to a new platform as a containment measure. The city issued public notifications advising potentially affected individuals of the breach timeline and scope, adopting a precautionary stance despite lacking confirmation of actual data compromise. No technical details regarding the breach vector, attacker identity, or specific data types at risk were disclosed publicly. Central Square provided its breach-related data to the city’s investigative team to support forensic analysis. The incident disrupted billing operations temporarily during the system transition, though service continuity was maintained for utility customers throughout the response period.