Bryan, Texas – Customers of Bryan Texas Utilities (BTU) are facing temporary disruptions to payment options following a ransomware attack on BridgePay, a third-party vendor that processes credit card transactions for the utility. The incident, which began recently, has rendered online credit card payments unavailable, forcing BTU to implement alternative payment methods.
According to BTU officials, the disruption is directly linked to systems compromised at BridgePay. The utility is collaborating with InvoiceCloud, its customer payment interface, alongside BridgePay and other partners, to restore secure credit card processing “as quickly as possible,” though no firm timeline for full restoration has been established. This situation highlights the growing vulnerability of critical infrastructure to cyberattacks targeting third-party service providers.
The impact on BTU’s approximately 50,000 customers is significant, particularly those who rely on the convenience of online or automated credit card payments. However, BTU has moved swiftly to mitigate the disruption by offering a range of alternative payment options. Customers can now pay via cash or check at BTU payment locations, by mail with their bill stub to PO Box 8000, Bryan, TX 77805, or using credit card, cash, or check at strategically located kiosks.
These kiosks are situated at both Bryan H-E-B locations, the City of Bryan Development Center drive-thru (200 E. 29th St.), and the BTU drive-thru (2611 N. Earl Rudder Freeway). This multi-channel approach aims to ensure that customers can continue to meet their utility obligations despite the limitations on credit card payments.
In a move designed to alleviate financial strain during the outage, BTU has announced it will not assess late fees or disconnect utility services while credit card processing remains unavailable. This is a crucial step in protecting vulnerable customers and preventing further hardship during a period of technological disruption. The decision underscores BTU’s commitment to maintaining service reliability and prioritizing customer welfare.
The incident at BTU is part of a broader trend of ransomware attacks targeting organizations across various sectors, including utilities, healthcare, and government. These attacks often involve the encryption of critical data and systems, followed by a demand for ransom payment in exchange for a decryption key. The increasing sophistication and frequency of these attacks pose a significant threat to businesses and consumers alike.
BridgePay, the affected payment processor, has confirmed the ransomware attack. While the company has indicated, as of , that there has been no release of customer information, the potential for data breaches remains a serious concern. The incident is currently under investigation, and authorities are working to determine the extent of the damage and identify the perpetrators.
The situation at BTU also sheds light on the complex supply chain relationships that underpin modern business operations. Utilities, like many other organizations, often rely on third-party vendors for specialized services, such as payment processing. While outsourcing can offer cost savings and efficiency gains, it also introduces potential vulnerabilities. A security breach at a third-party vendor can have cascading effects, disrupting services and compromising data across multiple organizations.
Customers seeking updates on the restoration of credit card payment services are encouraged to visit status.bridgepaynetwork.com for information directly from the vendor. BTU Customer Service is also available to assist customers with any questions or concerns. The incident was not on the agenda for BTU’s board meeting on , suggesting the disruption was recent and rapidly evolving.
The long-term implications of the BridgePay ransomware attack remain to be seen. However, the incident serves as a stark reminder of the importance of robust cybersecurity measures and proactive risk management. Organizations must invest in comprehensive security protocols, including regular vulnerability assessments, employee training, and incident response planning, to protect themselves from the growing threat of cyberattacks. Businesses should carefully vet their third-party vendors to ensure they have adequate security safeguards in place.
This event also raises questions about the resilience of the U.S. Payments infrastructure. While the financial system has largely withstood cyberattacks to date, the increasing sophistication of threat actors and the growing reliance on digital payment methods necessitate ongoing investment in security and redundancy. The incident at BTU underscores the need for a coordinated effort between government, industry, and cybersecurity experts to strengthen the nation’s defenses against cyber threats.
