Popular app violated, private information of 21 million users exposed
A very popular app was breached recently and the private information of 21 million users was revealed, claims KerbsOnSecurity. The application in question is called ParkMobile, and it is available on both Android and iOS platforms.
ParkMobile, a popular parking app has been violated, and private information has been revealed as a result
KerbsOnSecurity reported that someone is selling account information for 21 million ParkMobile users. This parking app is very popular in North America, in fact.
The stolen data includes customer email addresses, dates of birth, phone numbers, license plate numbers, hashed passwords and mailing addresses, the source says.
KerbsOnSecurity notes that it first heard of this violation of Gemini review, a New York-based threat intelligence firm that monitors cybercrime forums. Some stolen data screenshots were shared including ParkMobile ParkMobile account information.
ParkMobile responded to a question regarding this sales thread. The company said it issued a notification on March 26 regarding “a cybersecurity incident related to a vulnerability in third-party software that we use.”
ParkMobile has also launched an investigation with the help of a “leading cybersecurity company”, so that they can resolve the incident. The company also informed law enforcement authorities.
The company confirmed that the investigation is ongoing
ParkMobile said the investigation is ongoing and it cannot share further details at this time. The company also noted that “no sensitive data or payment card information” was affected because it is encrypted.
The company also added that the attackers mainly access basic information, such as license plate numbers, email addresses and / or phone numbers and vehicle names. Some postal addresses were also consulted, however,
ParkMobile has not informed users to change their passwords, at least not according to KerbsOnSecurity. However, if you are a user of the service, changing your password certainly can’t hurt.
Whether or not the attackers will be caught remains to be seen, but this incident is certainly notable. Fortunately, no additional information was stolen, such as credit card information.