COVID-19 INFO: City closures and cancellations, resources for businesses and people.


Click2Gov Data Advisory

Press Enter to show all options, press Tab go to next option

The City of Bend was recently informed that a potential data security incident may have compromised the payment card information of some City utility customers who made one-time utility bill payments or enrolled in auto pay using a credit or debit card between August 30, 2019 and October 14, 2019. 

The data that may have been affected could include the cardholder’s name, card billing address, card number, card type, card security code and card expiration date. Other personal information such as Social Security numbers or government-issued identification numbers were not affected by this incident. The City of Bend does not collect that information for utility billing purposes.

City utility customers who signed up for auto pay by credit/debit card or bank drafts before August 30, 2019 or after October 14, 2019, and customers who paid in person or by check, are not affected.

The City learned of the potential security incident from CentralSquare, the third-party vendor that manages and operates the City’s online utility payment portal, known as Click2Gov. CentralSquare determined that malicious code may have been inserted into the Click2Gov software which could have allowed an unauthorized party to copy personal payment card information from customers who logged into the system to make a one-time credit card payment or to enroll in auto pay between August 30, 2019 and October 14, 2019. Existing auto pay customers were not affected.

The City has worked with CentralSquare to remove the malicious code from Click2Gov to ensure that this incident is not ongoing and has implemented additional security measures to help mitigate future risk. This incident involved Click2Gov’s software. It was not due to a vulnerability of the City’s infrastructure, systems, or security.

The City is working with CentralSquare, a third-party forensic investigator, outside legal counsel, and local and federal law enforcement to evaluate the nature and scope of the incident. The investigation is ongoing. We are in the process of notifying the individuals who may be affected directly by mail. Letters are expected to be mailed this week.

The City has plans in place to migrate to a new payment processing services provider in the near future.

Customers who made one-time payments or enrolled in auto pay between August 30, 2019 and October 14, 2019 should monitor their financial accounts and promptly report any suspicious activity to their banks. Those customers will also be offered one year of credit and identity-monitoring services at no cost. 

If you have any questions or concerns related to this incident, please contact the City of Bend’s Chief Innovation Officer, Stephanie Betteridge, at 541-323-8561 or

Expand/Contract Questions and Answers

  • What happened?

  • Which City of Bend customers may have been affected?

  • Has this incident been contained?

  • Is the City of Bend working with law enforcement?

  • What kind of information or data may have been affected?

  • How can I tell if my payment information may have been impacted?

  • If I wasn’t notified directly by mail, does this mean my data wasn’t affected?

  • Do I need to notify my bank or credit-card company?

  • How do I protect my information?

  • Is it safe to pay my utility bill online now?

  • Are there ways to pay my utility bills offline?

  • Does this incident have any effect on the safety/quality of the water supply?

Footer Broken Top Three Sisters