Cyber Incident Victim: Bossier City
Date:
Aug 2018
Location:
United States of America
Summary
Bossier City disabled its online water bill payment system following reports of unauthorized charges on customer payment cards used for transactions, indicating a potential data compromise. The city initiated an investigation into the possible breach after multiple customers alerted officials to suspicious activity linked to their accounts. The incident prompted the shutdown of the affected platform to prevent further exploitation while authorities assessed the security failure.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In mid-August 2018, Bossier City, Louisiana, disabled its online water bill payment system following reports of potential unauthorized access to customer payment data. The city-operated platform allowed residents to pay water bills using credit or debit cards. Between August 16-18, multiple customers notified municipal authorities about fraudulent charges appearing on payment cards they had exclusively used for the city's water billing portal. These consistent reports indicated a possible compromise of the payment infrastructure, though the specific attack vector remained unconfirmed during initial assessments. City officials took precautionary measures by immediately shutting down the online payment system to prevent further exposure while launching an internal investigation. No public statements confirmed whether third-party forensic analysts were engaged or whether law enforcement had been notified at this preliminary stage. The disruption forced customers to use alternative payment methods, though in-person and mail-based payments remained operational.
The incident's primary impact involved financial risks to customers whose card data may have been exfiltrated, evidenced by unauthorized transactions linked specifically to their water bill payments. The city did not disclose the number of affected accounts or the timeframe during which the system might have been compromised. No evidence suggested broader municipal systems beyond the water payment portal were impacted. Bossier City's response focused on securing the payment environment and advising customers to monitor their financial statements for suspicious activity. The article noted unresolved questions about potential connections to the contemporaneous "Click2Gov" breaches affecting other municipalities' payment systems, though officials did not publicly address this possibility. Service restoration timelines remained unclear as investigations continued, leaving residents without digital payment options for an indeterminate period.