Because of a “cyber incident” with vendor BridgePay, Denton utility customers haven’t been able to pay their bills with credit or debit cards since Friday, including the Pay as You Go option, according to an update from the city Monday.
The city said on Monday that it doesn’t have a restoration timeline but will suspend late fees and disconnects from Friday, Feb. 6, until Friday, Feb. 13.
Denton utility customers can still pay their bills online with a credit or debit card by selecting the Venmo, PayPal or PayPal Credit options. They can also pay through their bank via eCheck, or make payments in person at the customer service lobby, 601 E. Hickory St., during business hours, or at the 24/7 self-service kiosks in the lobby.
In the Monday update, the city shared that BridgePay Network Solutions, the Florida-based third-party contractor that handles online utility bill payments, confirmed “this incident does not currently involve a card data breach.”
However, BridgePay confirmed the outage is due to a ransomware attack and said it was working with cybersecurity professionals and U.S. authorities, including the FBI and the U.S. Secret Service forensic team, in its investigation.
“We do want to reiterate this was not a card data breach,” BridgePay said in a Saturday status update on its website. “No card data was compromised and any file that may have been accessed was encrypted.”
While the city referred to it as a “cyber incident,” BridgePay called it a “cybersecurity incident” and called it a ransomware attack in a Friday update on its website.
Kayla Herrod, Denton’s deputy director of marketing and communications, said the city called it a cyber incident because it “disrupts normal operations.”
“In this case, preventing credit and debit card transactions from being processed online,” Herrod said in a Monday evening email to the Denton Record-Chronicle.
Herrod added that if a card data breach did occur, the city will notify the public.
BridgePay said in its update Monday afternoon that it was making progress in its investigation and expected to have more clarity about a timeline within the next 24 to 48 hours.
The BridgePay cyberattack has also affected city utility billing systems in Frisco, Coppell and Bryan.
Texas launched its own cybersecurity agency, Texas Cyber Command, at the University of Texas at San Antonio last fall.
Part of its mission, according to a June 2 news release, is coordinating with governments on swift and effective responses to cyberattacks
“Our state is under constant attack by cyber criminals, attacks that occur thousands of times every single second of every single day,” Gov. Greg Abbott said in the news release. “Attacks often come from foreign actors from hostile countries like China, Russia, and Iran. They successfully attacked cities, counties, and government agencies in Texas, from Mission to Muleshoe. That changes today.”
The Office of the Attorney General found that in 2024, systems containing the sensitive personal information of more than 15 million Texans were compromised in data breaches, state Rep. Giovanni Capriglione told legislators in Austin last year, The Texas Newsroom reported. The Southlake Republican authored the bill that created the Texas Cyber Command.
CHRISTIAN McPHATE can be reached at 940-220-4299 and cmcphate@dentonrc.com.
For more than 120 years, the Denton Record-Chronicle has been Denton County’s source for locally produced, fact-based journalism. Your support through a tax-deductible donation or low-cost subscription is vital to our ability to deliver credible, relevant, unique coverage of our community.
