The Information Highway

The Information Highway

Font size: +
2 minutes reading time (436 words)

EasyPark discloses data breach that may impact millions of users

Parking app developer EasyPark has published a notice on its website warning of a data breach it discovered on December 10, 2023, which impacts an unknown number of its millions of users. 

EasyPark is a Swedish company that creates mobile and web apps that serve as parking space locators, booking managers, and EV charging point finders.

The company operates digital parking services in 20 countries and over 4,000 cities, covering most of Europe, the United States, Australia, New Zealand, and the UK.

The EasyPark app (Europe-focused) has over 10 million downloads on Google Play, while its other apps, RingGo (UK-focused) and ParkMobile (US-focused), have 5 million installs each.

ParkMobile disclosed a massive data breach in 2021 that exposed the stolen data for 21 million customers. This database was subsequently released for free on a hacking forum.

Although a firm spokesperson has declined to provide details about this new breach and how many customers were impacted, they explained that a portion of European users had been affected, indicating that the incident concerns mainly EasyPark app users.

The company's announcement mentions that some customers have had the following information compromised, depending on what they have provided to the platform:

  • Name
  • Phone number
  • Physical address
  • Email address
  • Some digits of their credit card/debit card or IBAN

The above could help cybercriminals launch effective phishing attacks against the exposed EasyPark users, which the company warns explicitly about in the data breach notice.

However, the company clarifies that the disclosed data does not pose a risk for executing unauthorized transactions, and no such activities have resulted from the cybersecurity incident.

Users who are impacted by this incident will receive personalized notices from EasyPark via in-app messages, push notifications, email, and SMS.

"If you want to know if you are affected, please open the app," suggests the FAQ on the data breach notice. 

At this time, the app's services continue to be accessible as normal, while EasyPark's security team is implementing additional security and privacy measures to ensure that the adverse effects of the incident have been contained.

The data protection authorities in Sweden, the United Kingdom, and Switzerland have been notified about the incident.

As a precaution, and since the nature of the cybersecurity incident remains undisclosed, it would be prudent for all users to reset their account passwords and do the same on all online platforms where they might be using the same credentials.

At the time of writing, no ransomware groups have taken responsibility for an attack on EasyPark.

However, threat actors have already started looking for the stolen data in hacking forum posts.

Eagers Automotive halts trading in response to cyb...
Microsoft disables MSIX protocol handler abused in...

Related Posts

 

Comments

No comments made yet. Be the first to submit a comment
Friday, 20 December 2024

Captcha Image

Top Breaches Of 2023

Customers Affected In T-Mobile Breach
Accounts Affected In MOVEit Breach
Customers Affected In MCNA Insurance Data Breach
Individuals Affected In PharMerica Data Breach
Users Affected In ChatGPT Major Data Breach
*Founder Shield End of Year 2023