City of Topeka

The City of Topeka operates municipal services for its residents, including utility billing functions. In late 2018, a significant cybersecurity incident impacted these operations through a third-party vendor relationship. Central Square, a vendor handling payment processing for the city's utility customers, experienced a breach lasting multiple weeks around October 31, 2018. This breach potentially compromised the personal information of approximately 10,000 utility customers who had made one-time payments or enrolled in autopay services during that specific incident period. Customers who had established autopay or e-check arrangements prior to this timeframe were confirmed as unaffected.

Upon notification by Central Square about the breach, the City of Topeka initiated an investigation, engaging forensic experts to understand the scope and impact. The investigation could not definitively confirm whether customer data was actually compromised. Despite this uncertainty, the city proactively notified all residents potentially impacted by the breach as a precautionary measure. Concurrently, the City of Topeka took steps to enhance security by migrating its payment processing to a new platform, moving away from the compromised Central Square system. This incident highlighted the cybersecurity risks associated with third-party vendors handling sensitive citizen data for municipal services.