Hack of Seattle payments processing firm puts local governments on alert


A reported ransomware attack on a Seattle-based payment processing company is closely monitored by at least 11 local customers, including the cities of Seattle and Kirkland, and a King County recycling company.

According to media reports and statements by AFTS customers, the automatic money transfer service (AFTS), which provides payment processing, billing, shipping and other services for municipal utilities and other customers, was affected by a so-called ransomware attack.

Cities potentially affected by the attack include Seattle, Kirkland, Lynnwood, Monroe, Redmond and Puyallup. Skagit Public Utility District; Everett Harbor; the Lakewood Water District and the Alderwood Water & Wastewater District; and the recycling company Recology King County. The California Department of Motor Vehicles also announced that it was affected by the attack.

Ransomware attackers usually break into victims’ data systems and threaten to sell or block the data unless the victims pay a ransom.

The full extent of the AFTS attack, which is reported to have been carried out by a criminal organization called “Cuba”, is not yet publicly known. AFTS did not respond to calls or emails on Saturday and the website stated that the services are “unavailable due to technical issues”.

Some affected customers, including the towns of Lynnwood and Puyallup, assured customers that AFTS did not have access to customers’ social security numbers or any other sensitive personal information.

Others, including the city of Monroe, the Lakewood Water District, and Skagit PUD, said AFTS stored scanned images of customer checks that contain banking and routing information.

Recology King County, which has customers in Bothell, Burien, Carnation, Des Moines, Issaquah, Maple Valley, Mercer Island, SeaTac, Shoreline and Seattle, also acknowledged that “compromised” customer information could include “pictures of checks and payment card information.” ”

Recology King County will update customers as it receives additional information and “provide resources for our customers such as identity monitoring,” said general manager Kevin Kelly.

According to a statement from the city of Puyallup, AFTS “hired a forensic company to fight the ransomware attack and tried to get all of its information. The ransomware attack and possible customer information breaches have been reported to the police and the FBI. ”

The FBI’s Seattle office did not respond to a request for information on Saturday.

According to tech website BleepingComputer, the AFTS attack was carried out by a “cybercrime operation” called “Cuba Ransomware” which has “information about companies that did not want to work with us” on its website. Some of the information is for sale and some is freely available. Have fun.”

The attack also disrupted billing operations at several organizations, including the city of Redmond. According to the utilities, this month’s bill should look a little different as it will be printed and distributed manually by the city’s employees.