One of the Skagit Public Utility District’s payment vendors suffered a data breach, potentially exposing customers’ information to hackers.
Automatic Funds Transfer Services, Inc. (AFTS) was victimized with a ransomware attack, meaning its data was accessed by malicious software and held for ransom by hackers.
A letter from the PUD — which is the water provider for many in the county — to its customers said AFTS did not have access to customers’ credit card information, social security numbers or state ID numbers.
Potentially compromised information may include names, addresses and PUD account numbers. Bank account and routing information for customers who pay by paper checks may have also been exposed.
Spokesperson Kevin Tate said the PUD sent about 24,000 letters to customers. It encourages those who pay by paper checks to carefully monitor their bank account activity and report unusual activity to their bank.
The letter also encourages customers to place fraud alerts on their account through one of the three major credit-reporting bureaus.
Tate said AFTS has hired a cybersecurity firm to investigate the attack.
“We feel bad for customers,” he said. “We take security and personal information seriously.”
Customers with questions are encouraged to contact the PUD’s customer service department at 360-424-7104 or firstname.lastname@example.org.