NOTICE TO PORT OF EVERETT CUSTOMERS  - POTENTIAL AFTS DATA SECURITY INCIDENT
AFTS Questions
scroll
scroll icon

NOTICE TO PORT OF EVERETT CUSTOMERS - POTENTIAL AFTS DATA SECURITY INCIDENT

The Port of Everett has been made aware of a cyber security incident involving our third-party payment processing service provider, Automatic Funds Transfer Services, Inc (AFTS). AFTS has indicated that its servers were encrypted by ransomware sometime between the evening of February 3 and the morning of February 4, 2021.

The data security incident is not isolated to the Port of Everett. Numerous local jurisdictions are affected by this ransomware issue. We have no indication Port of Everett’s customers information has been compromised.

The vendor has notified the appropriate law enforcement agencies of the attack and is rebuilding their network systems.

The Port of Everett also asks that customers not respond to any inquiries about their bills in the event that it could be a fraudulent inquiry. Until this is revolved, for bill pay, customers should directly contact the Port of Everett at 425.259.3164 during regular business hours, or mail payments direct to the Port of Everett at PO Box 538, Everett, WA 98206.  

We will continue to work with AFTS to gather additional information. This page includes all the information we currently have and we will continue to update this page as more information is received. 

If you have questions, please contact us at AFTSquestions@portofeverett.com.


Frequently Asked Questions

AFTS Potential Ransomware Attack (Data Security Incident)

The Port of Everett was informed that one of its third-party vendors – Automatic Funds Transfer Services, Inc (AFTS) – was the victim of a Ransomware attack sometime between the evening of February 3 and the morning of February 4, 2021. The Port of Everett contracts with AFTS to process lockbox payments (mailed checks), online web payments and Automated Clearing House (ACH) auto-pays for enrolled customers.

Ransomware is a type of malicious software (malware) that blocks access to data or a computer system, usually by encrypting it, and then demanding a ransom payment in exchange for the keys to decrypt that data or systems.  At this time the Port does not know if any of its customers’ information has actually been accessed by the unauthorized party who installed ransomware on AFTS’s system.

The information stored in the AFTS databases is limited to data necessary to fulfill billing (ACH autopay and the web pay portal) and processing of paper check payments. This information includes: account number, name, address, and billing amounts. Additionally, for customers who pay their bills by mailing a paper check, scanned copies of their paper checks are also stored on the AFTS servers - which include bank account and routing information. The databases do not contain social security numbers, birth dates, driver’s license numbers, state ID numbers or any other Personally Identifiable Information (PII). 

If mailing paper checks to AFTS or you are enrolled in ACH auto bill pay, bank account and routing information would be stored. If using the online web pay option credit card information could be stored.

Customers who pay by any of the payment methods mentioned above are encouraged to monitor their bank account for unusual activity and report anything suspicious to their bank right away. If you pay your bill via the online bill pay or ACH options, customers are encouraged to monitor their credit card activity.

Customers are also encouraged to change passwords on their bank account and to notify their bank that they may have been a victim of a cyberattack on AFTS and to have the bank monitor their account for suspicious activity.

This incident impacts Port customers who pay their bills by check sent in the mail to the AFTS “lockbox”, through ACH auto-pay enrollment and the web pay portal. Checks dropped off at Port offices are not impacted by this data security incident.

The Port of Everett also asks that customers not respond to any inquiries about their bills in the event that it could be a fraudulent inquiry.

Until this is resolved, we recommend mailing checks directly to the Port of Everett at PO Box 538, Everett, WA 98206, and to suspend any regularly scheduled auto payments set up through your own bank bill-pay system. The Port will not process any ACH payments until this issue has been resolved.  Other options include depositing your check in person at the Port offices drop box in front of the Marina Office and/or calling the Port Administration Office during regular business hours to make payment at 425-259-3164.

At this time, we are recommending that customers not re-pay their bill. A delay in processing these payments is expected. No late fees will be implemented for customers whose payment is delayed past the payment due-date as a result of this AFTS incident.

No, the Port will suspend late fees as a result of this data security incident.

AFTS is located in Seattle, WA and has been a billing service provider to the Port for many years. They print and mail marina invoices, as well as receive and process payments from Port customers.

AFTS has hired a forensic company to address the ransomware attack and attempt to retrieve all of its information. AFTS and the Port have also reported the ransomware attack to the local police and FBI.

We will continue to work with AFTS to gather additional information. This page includes all the information we currently have and we will continue to update this page as more information is received. 

Please use the following email for inquires relating to billing concerns stemming from the AFTS incident - aftsquestions@portofeverett.com.


No, the Port of Everett’s network did not have a security incident, only the Port’s third-party vendor – Automatic Funds Transfer Services, Inc (AFTS).