Cyber Incident Victim: Marietta Power & Water Department
Date:
Aug 2019
Location:
United States of America
Summary
A utility provider experienced a data breach impacting customers who manually entered credit card details through its online payment portal over a two-month period, compromising approximately 8,800 transactions. The breach stemmed from a vulnerability in a third-party billing software, exposing payment information that was subsequently shared on the dark web. The software vendor addressed the flaw and offered affected customers complimentary credit monitoring. Federal investigators were involved in the incident, which also affected multiple other municipalities using the same payment system. The compromised data was limited to manually entered credit card details, with no impact on automated payments or other billing channels.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The Marietta Power & Water Department experienced a security breach impacting customers who used its online bill payment system between August 26 and October 26, 2019. On December 3, 2019, the FBI and Central Square Technologies—the Florida-based vendor operating the Click2Gov payment portal—notified Marietta officials that customer credit card information had been compromised and appeared on dark web sites. The breach exclusively affected approximately 8,800 transactions where customers manually entered credit card details through Click2Gov during the two-month window. Auto-pay users, in-person payments, mail payments, and phone payments were unaffected. Marietta Power & Water serves over 45,000 power customers and 17,000 water/sewer customers, though only a subset interacted with the compromised portal. The FBI requested Marietta delay public disclosure during the initial investigation phase before authorizing notification on December 17.
Central Square Technologies confirmed fixing the software vulnerability and implemented a patch to prevent further compromises. The company offered 12 months of free credit monitoring to affected customers, with notification letters mailed the week of December 16. Marietta established a dedicated phone line (770-794-1803) for customer inquiries. Forensic details remained limited as the FBI withheld specifics from the city, though officials confirmed only credit card numbers were exfiltrated—property tax systems operated separately and were unaffected. The breach impacted multiple U.S. municipalities using Click2Gov, including Sugar Land, Texas; Dothan, Alabama; and Fort Worth, Texas, according to Central Square’s disclosures. Marietta’s Information Technology Director acknowledged discussions with city leadership about potentially replacing Central Square Technologies, their billing vendor since the 1990s, though no decision was finalized. The incident followed other Atlanta-area cyberattacks, including Henry County’s $650,000 ransomware recovery six months prior.