Bryan Texas Utilities customers are entering their sixth day of payment disruptions following a ransomware attack on BridgePay, the utility's third-party processor. While the outage prevents thousands of residents from using credit or debit cards for online billing, officials confirm that sensitive personal data remains secure through tokenization.

The service disruption began on February 6 when the external payment gateway became unavailable due to a targeted cyberattack on the vendor. This incident has impacted a significant portion of the Brazos Valley, where the utility provides essential services to approximately 70,000 customers. Local officials have been working to manage the fallout while communicating the scope of the technical failure to the public.

Public information officer Meagan Brown addressed concerns regarding data privacy, emphasizing that internal customer records were not accessed during the breach. She noted that while the utility collects necessary personal details for account management, the security protocols in place ensured that no private information was compromised or released to the attackers.

The safety of financial information is maintained through a process called tokenization, which replaces actual credit card numbers with encrypted placeholders. Brown explained that any data the hackers might encounter would appear only as strings of symbols or dots, rendering the information useless for unauthorized transactions. This safeguard ensures that even during a processor outage, the underlying financial identities of the customers stay protected.

Ransomware functions as a malicious form of software that gains entry to computer networks through infected emails, documents, or websites. Once the software is executed, it encrypts the victim's data, turning functional files into unreadable code. This process effectively locks the organization out of its own systems, making them entirely unusable without a specific digital key held by the attackers.

Cybersecurity experts indicate that after the encryption is complete, the perpetrators typically demand a ransom payment to restore access to the files. These demands are usually requested in the form of cryptocurrency, such as Bitcoin, which allows the bad actors to maintain a level of anonymity while negotiating for the release of the hijacked data.

Source: Ransomware Attack Disrupting Online Payments For BTU Customers