LEXINGTON, Ky. (LEX 18) — A release from the city of Lexington on Thursday reported that a third-party "security incident" involving InvoiceCloud has compromised three LEXserv customers.
According to the release, the Lexington-Fayette Urban County Government was notified about the incident involving the third-party vendor, InvoiceCloud, which is used by the city to process credit card payments for LEXserv bills.
InvoiceCloud reported that an "unauthorized party" obtained personal information from customers who submitted payment transactions using its platform.
The city reported that on July 3, InvoiceCloud found that three LEXserv customers were affected by the security incident and as a result, the name, payment card number, expiration, and CVV were potentially exposed to the unauthorized party.
According to the city, InvoiceCloud enhanced security protection and notified law enforcement and payment card brands. The city's servers were reportedly not affected by the third party security incident.
The affected customers, the release read, have received an official notice from InvoiceCloud regarding the security breach. These people were encouraged by the city to contact InvoiceCloud using the provided contact information on the notice.
