City Water Customers Advised to Get New Credit Cards

 

SAN ANGELO, TX -- (Press Release) San Angelo water customers who made one-time online payments between June 17 and Aug. 16 are advised to contact their financial institutions and request a replacement card if they have not already done so.

The City has received the results of a forensics investigation regarding a breach last month to a vendor’s online water payment system. The investigation found that malware skimmed credit card information from the contracted vendor’s server from June 17-Aug. 16. Only online one-time payments – as opposed to payments automatically drafted from a credit card – were at risk. Credit card payments made via auto-pay, by phone or in person were not compromised.

“Replacing a credit card is a hassle; we understand and apologize for that,” Water Utilities Director Allison Strube said. “But we would much rather that inconvenience not be compounded by customers also having to clear unauthorized purchases. We have worked with our vendor to prevent this from happening again.”

Upon learning of the breach, the City disabled all but phone credit card payments until the vendor that processes online payments could update its software and transition to a more secure platform. Online payments at cosatx.us/waterbill were restored Aug. 21.

Customers were advised last month to monitor their credit card accounts for unauthorized charges. Many customers were forced to seek new cards after experiencing unauthorized purchases. Those who did not are still advised to request a replacement card. Skimmed credit card information is often sold well after a breach occurs; illegal purchases may appear weeks or months later.

A letter will be mailed to all customers who made online credit card payments explaining the compromise to the one-time online transactions. The breach did not increase the amount of a customer’s monthly bill.

Subscribe to the LIVE! Daily

The LIVE! Daily is the "newspaper to your email" for San Angelo. Each content-packed edition has weather, the popular Top of the Email opinion and rumor mill column, news around the state of Texas, news around west Texas, the latest news stories from San Angelo LIVE!, events, and the most recent obituaries. The bottom of the email contains the most recent rants and comments. The LIVE! daily is emailed 5 days per week. On Sundays, subscribers receive the West Texas Real Estate LIVE! email.

Required

Most Recent Videos

Comments

Let me get this straight. You can't drink the water in San Angelo without boiling it. Then, when you try to pay for water you can't drink, someone steals your payment? You can't be serious!

When I think of San Angelo city leadership, I have this vision of Moe chasing Larry and Curly around the building trying to poke their eyes out.

JMHO, Thu, 09/13/2018 - 10:22

I was just hit this week with fraudulent charges on my debit card. I'm positive that it was from this SAWU payment system breach. My bank said Visa notified them that it was a merchant breach. So far I've been hit with almost $400 in debit charges. Thank goodness for Zero Fraud liability....but it is a huge hassle, and I have no debit card in the process because of these loser thieves that skim people's personal information, and take their hard earned money.
Word to the wise, go ahead and order a new card if you have made ANY payments to the water dept. online! Save yourself the hassle!

You are correct as all citizens that paid their water bill online with the City of San Angelo should immediately get a new debit card or credit card. Unfortunately many of the losses will impact the financial institution and not the merchant who took the stolen card numbers. If merchants would be more responsible and making sure they person making the purchase is really that person, many fraudulent charges would never happen. MasterCard and Visa need to update their policies to make the merchant liable for fraudulent charges 100% of the time!

Whenever I use a credit card to pay any bill or make any purchase on line I generate and use a virtual credit card number. Such numbers can be generated with limits such that they can only be used once. Should a bad guy hijack one of these numbers he or she will find it of no use whatsoever, and your account remains safe. It's a bit of a pain, but I consider the time spent to be cheap insurance against this type of fraud.

Certainly events like this can be vastly annoying.

the payment process for the water department now?
Are the other people still business as usual?

Post a comment to this article here:

X Close