Water supplier American Water Works says systems hacked
American Water Works — a supplier of drinking water and wastewater services to more than 14 million people — on Monday said hackers had breached its computer networks and systems, prompting it to pause billing to customers.
The Camden, New Jersey-based utility became aware of the unauthorized activity on Thursday, and took protective steps, including shutting down certain systems, American Water Works stated in a regulatory filing. The company does not believe its facilities or operations were impacted by the cybersecurity incident, but is "currently unable to predict the full impact," it stated.
The company's customer portal service, MayWater, remained offline as of Tuesday afternoon.
"In an effort to protect our customers' data and to prevent any further harm to our environment, we disconnected or deactivated certain systems. There will be no late charges for customers while these systems are unavailable," an American Water spokesperson told CBS News in an email. The company is "working around the clock to investigate the nature and scope of the incident," the spokesperson added.
The company said it has notified law enforcement and is cooperating with with them.
According to its website, American Water is the largest regulated water and wastewater utility company in the U.S., and provides drinking water and wastewater services to more than 14 million people in 14 states and on 18 military installations. It manages more than 500 water and wastewater systems in about 1,700 communities in California, Georgia, Hawaii, Illinois, Indiana, Iowa, Kentucky, Maryland, Missouri, New Jersey, Pennsylvania, Tennessee, Virginia and West Virginia.
Shares of the company lost $5.58, or 3.9%, on Monday to close at $136.99. Its shares recovered somewhat on Tuesday, rising 66 cents, or 0.5%, to $137.66, giving it a market capitalization of $26.84 billion.
U.S. officials have recently become concerned about alleged work by Chinese intelligence officers to breach critical U.S. infrastructure networks such as water-treatment facilities, and tied a cyberattack targeting U.S. broadband providers to the government in Beijing, the Wall Street Journal reported late Friday, citing people familiar with the matter.