Lewes Board of Public Works

The Lewes Board of Public Works, also known as Lewes BOPW, operates within the United States of America. Based on the nature of the cybersecurity incident it experienced, the organization provides essential public utility services that involve managing customer accounts and processing payments. This strongly suggests core functions likely include billing and collection for services such as water, sewer, or potentially other municipal utilities within its jurisdiction. The necessity of handling sensitive customer financial information, including credit and debit card details for automatic payments, is a fundamental aspect of its operations. Serving the community of Lewes, the organization plays a critical role in local infrastructure management and public service delivery.

In May 2019, the Lewes Board of Public Works suffered a significant cybersecurity breach. Unauthorized actors gained access to its customer information system, specifically targeting the infrastructure related to automatic payment processing. This intrusion potentially compromised sensitive personal and financial data belonging to its customers. The exposed information included customer names, email addresses, and critical financial account details such as credit or debit card numbers. Federal and state agencies played a role in alerting the Lewes BOPW to this compromise, indicating the incident's seriousness and potential scope.

Following the discovery of the breach, the Lewes Board of Public Works undertook proactive measures to address the situation and mitigate potential harm to its customers. The organization directly notified individuals who may have been impacted by the unauthorized access. This notification included advising affected customers on precautionary steps they could take to protect themselves against potential identity theft or financial fraud resulting from the exposure of their sensitive information. While the breach represented a serious compromise of customer data security, no confirmed instances of actual misuse of the stolen information were identified at the time the organization was alerted by authorities. The incident highlighted the cybersecurity risks inherent in managing sensitive citizen payment data for essential public services.