Dark Web intelligence firm, Gemini Advisory believes the Click2Gov breach originally disclosed by FireEye in September (covered in the WaterISAC Portal here) is more widespread than initially reported. Current analysis shows the concentration of victims are located in small-to-medium US cities, comprise over 111k compromised cards and over $1.7 million stolen funds. Furthermore, the card data is linked to over 1000 financial institutions, with 65% of stolen records associated with the top 20 affected banks. Superion (now known as CentralSquare Technologies), the developer of Click2Gov, asserts the prior vulnerability - believed to have exploited Oracle Web Logic - has been properly addressed, but they have yet to identify this latest exploited vulnerability. CentralSquare still believes the vulnerability exists only on locally hosted systems and not the cloud based platform. Licensees using locally hosted instances of Click2Gov are urged to confirm patch status level, apply if necessary, and contact CentralSquare immediately if assistance is needed. Gemini Advisory suggests that users who are directed to pay through the Click2Gov system identify alternative means of making payments until the system threat has been eliminated. Gemini Advisory