Parking app developer EasyPark has revealed a discover on its web site warning of an information breach it found on December 10, 2023, which impacts an unknown variety of its hundreds of thousands of customers.
EasyPark is a Swedish firm that creates cellular and internet apps that function parking house locators, reserving managers, and EV charging level finders.
The corporate operates digital parking companies in 20 international locations and over 4,000 cities, overlaying most of Europe, the USA, Australia, New Zealand, and the UK.
The EasyPark app (Europe-focused) has over 10 million downloads on Google Play, whereas its different apps, RingGo (UK-focused) and ParkMobile (US-focused), have 5 million installs every.
As reported by BleepingComputer, ParkMobile disclosed a large information breach in 2021 that uncovered the stolen information for 21 million clients. This database was subsequently launched free of charge on a hacking discussion board.
Though a agency spokesperson has declined to supply particulars about this new breach and what number of clients had been impacted, they instructed BleepingComputer {that a} portion of European customers had been affected, indicating that the incident considerations primarily EasyPark app customers.
The corporate’s announcement mentions that some clients have had the next data compromised, relying on what they’ve supplied to the platform:
- Identify
- Telephone quantity
- Bodily handle
- E mail handle
- Some digits of their bank card/debit card or IBAN
The above may assist cybercriminals launch efficient phishing assaults in opposition to the uncovered EasyPark customers, which the corporate warns explicitly about within the information breach discover.
Nevertheless, the corporate clarifies that the disclosed information doesn’t pose a threat for executing unauthorized transactions, and no such actions have resulted from the cybersecurity incident.
Customers who’re impacted by this incident will obtain personalised notices from EasyPark through in-app messages, push notifications, e mail, and SMS.
“If you wish to know in case you are affected, please open the app,” suggests the FAQ on the info breach discover.
Presently, the app’s companies proceed to be accessible as regular, whereas EasyPark’s safety group is implementing extra safety and privateness measures to make sure that the antagonistic results of the incident have been contained.
The info safety authorities in Sweden, the UK, and Switzerland have been notified in regards to the incident.
As a precaution, and because the nature of the cybersecurity incident stays undisclosed, it will be prudent for all customers to reset their account passwords and do the identical on all on-line platforms the place they could be utilizing the identical credentials.
On the time of writing, no ransomware teams have taken accountability for an assault on EasyPark.
Nevertheless, risk actors have already began searching for the stolen information in hacking discussion board posts seen by BleepingComputer.