WALLA WALLA, Wash. — Walla Walla County taxpayers received a notice in the mail Monday of a malware attack earlier this fall involving the company that manages local electronic property tax statements and assessments.

The server that manages the eNoticesOnline system was accessed by an intruder in October, according to the letter.

Records on the site are public, but the intruder may have accessed taxpayers’ usernames and passwords.

“As a result, we forced a password change on eNoticesOnline.com. … We recommend that you change your password on any other website you may have used the same password,” according to a message at the number provided by the company for people with questions about the data breach.

The Master’s Touch LLC is a third-party provider to the county of electronic property-tax statements. People use eNoticesOnline.com to sign up and download their electronic statements, County Treasurer Gordon Heimbigner said.

A forensics company was hired by The Master’s Touch to determine what the intruder might have accessed.

“I didn’t see anywhere where anybody had been impacted,” Heimbigner said.

No unauthorized removal of data files was found, but it could not be determined if the files had been viewed, according to the letter.

Credit card information was not accessed by the intruder.

“From what I’ve been told, the credit card side is completely separate. It wasn’t affected by anything,” Heimbigner said.

Users click a link to go out to a separate site to pay with a credit card, which is password protected.

The forensics confirmation was complete Nov. 19. Notices to the public were sent out Dec. 9.

“It took that long for the forensic people to find out what actually was affected and if anything was affected,” Heimbigner said.

The Master’s Touch LLC is blocking malicious IP addresses, “whistling” known IP addresses, resetting all administrative and customer passwords, updating server configurations and expanding monitoring efforts to prevent future malware attacks, according to the letter.