Update on potential data security incident at AFTS, Inc.

Early February, the Silver Lake Water and Sewer District was made aware of a security/data incident at our utility billing vendor, Automatic Funds Transfer Services, Inc. (AFTS). The District contracts with AFTS to print invoices, process the check payments made by mail, and electronic payments that were made on the District's website. AFTS's network servers were compromised and encrypted by ransomware, sometime between the evening of February 3 and the morning of February 4, 2021. The hackers exfiltrated approximately 2,500 files from AFTS before the incident was discovered.

District staff worked closely with AFTS and the cyber security consultant hired by AFTS, to determine the extent of the breach and to determine if any of the District's customers or payment information was compromised. We are pleased to report that the analysis completed by AFTS and their consultant has determined that Silver Lake Water and Sewer District customer and payment information was not compromised. Exfiltrated files were related to a separate division of AFTS that does not contain the data or process the payments of District customers.

Since the breach, AFTS has enhanced and hardened their systems to better protect the data of its customers. Additionally, the District has launched a new electronic payment portal with greater security, this portal is powered by Invoice Cloud (new vendor) and accessible via the "Bill Pay" link above.