A water supplier in Greenville, South Carolina has suffered a targeted cyber-attack that affected online payments for half a million a people. The outage is expected to last at least two more days as experts investigate the hack.
Greenville Water, which serves nearly 500,000 residents of the Upstate region of South Carolina, announced last week it was experiencing technical difficulties and asked customers to be patient as it worked to recover from “an international cyberattack.”
Utility spokesperson Emerald Clark said online and pay-by-phone systems are not working, and that the outage would likely last until the next week.
“It has not and will not impact or compromise the safety and delivery of water that is treated and maintained by our facilities,” Clark said.
The spokesperson said the cyberattack was being investigated and experts “have taken immediate and appropriate action to reinforce existing security measures and to mitigate the potential impact, as well as determining its origin.”
“We have been preparing for potential attacks for years and put specific protections in place to ensure the safety of our data and the integrity of our water,” said Greenville Water CEO David Bereskin. “While this has caused a temporary disruption, we are fairly certain that our data has not been compromised.”
Greenville Water has shared details of the attack with other government agencies, local news outlet Greenville News reported.
According to the home page of Greenville Water’s website (screenshot below), the issues currently experienced by the supplier do not impact the safety of water treated and maintained by its facilities.
The supplier also urges clients not to call or email them with payment details, likely trying to keep customers safe from hackers intercepting their data and using it to conduct fraud.
Instead, customers are told to visit the Greenville Water office, where cashiers are available during normal business hours and accepting cash and check payments.
Greenville Water doesn’t say how it determined the attack was targeted, or whether the attackers deployed malware on its systems. The details are consistent with a typical ransomware attack, but it remains to be confirmed if this is indeed so.
Update: article updated to correct the state name to South Carolina (was North Carolina previously).