A vulnerable municipality payment software, which previously led to the breach of hundreds of thousands of payment cards in 2017, has been targeted once again. This time it was part of a breach involving of eight cities in August. Researchers with Gemini Advisory warned in a new advisory that starting in August 2019, over 20,000 records have been offered for sale online via illicit markets. The hack targets a flaw in Click2Gov software, used in self-service bill-paying portals used by utilities and community development organizations for things such as paying parking tickets online.
Source: https://threatpost.com/payment-card-breach-hits-8-cities-using-vulnerable-bill-portal/148521/