Thursday, September 23, 2021

Parking app ParkMobile experiences data breach of 21M Users

Must Read

Multi-platform card skimmer found on BigCommerce, Shopify stores

While generally designed to target one kind of e-commerce platform, this new kind of net metering malware may assume...

Hacker leaks the user Information of event management app Peatix

Over 4.2 million consumer accounts are made available for downloading online earlier this month.A hacker has leaked that this...

SitePoint, a Webdev tutorials site, discloses data breach

The SitePoint web developers community has disclosed a data breach after one million user credentials were sold on a...

The popular mobile app that drivers use to pay and find available public parking in Pittsburgh and in other cities experienced a data breach several weeks ago that affected 21 million users nationwide.

ParkMobile is an Atlanta, GA-based company that offers a free app allowing users to find open parking spaces across the United States and pay from the comfort of their cars through their smartphones to save the time needed to fiddle with the meter.

Someone is selling account information for 21 million customers of ParkMobile, a mobile parking app that’s popular in North America. The stolen data includes customer email addresses, dates of birth, phone numbers, license plate numbers, hashed passwords, and mailing addresses.

The sample data from ParkMobile shared by a hacker on a cybercrime forum reveals data allegedly belonging to some big names.

The Pittsburgh Parking Authority Tuesday confirmed the breach, saying that hackers broke in and stole some users’ personal information. Authority officials said, however, that credit card information and Social Security numbers were not breached.

Asked about the sales thread, Atlanta-based ParkMobile said the company published a notification on Mar. 26 about “a cybersecurity incident linked to a vulnerability in a third-party software that we use.”

“In response, we immediately launched an investigation with the assistance of a leading cybersecurity firm to address the incident,” the notice reads. “Out of an abundance of caution, we have also notified the appropriate law enforcement authorities. The investigation is ongoing, and we are limited in the details we can provide at this time.”

However, cybersecurity researchers at Gemini Advisory soon discovered a database from the breach being offered for purchase on several hacker forums including Russian-speaking cybercrime forums. The data included in the listing concern email addresses, phone numbers, license plate numbers for all registered vehicles of a user, and hashed passwords

The data items that have not been accessed because they were not present in the ParkMobile database, to begin with, are parking history, location history, social security numbers, driver’s license numbers, and plaintext passwords. 

If you’re a ParkMobile user, changing your account password might be a pro move. 

On the other hand, the dark web seller has set a price tag of $125,000 which is a little high. So ParkMobile users may have some time before their details are massively leaked.

a2434345d63481a40f0d145881b41013?s=96&d=mm&r=g
Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.

Leave a reply

Please enter your comment!
Please enter your name here

Latest News

Attackers Using Morse Code in phishing campaign to Evade Detection

Microsoft on Thursday revealed the techniques used by attackers to avoid detection using morse code in the phishing campaign.Microsoft...

Murata Manufacturing suffers data breach of employees and customer

Japanese electronic components manufacturer Murata has released an apology Notice for the data breach of thousands of files in June that contained bank account...

Everything about Signalling System 7(SS7)

Signaling System 7 (SS7) is an international telecommunication protocol standard that controls and regulates the network elements in a public switched telephone network (PSTN)....

Zimbra flaw lets attackers access the mail servers

Researchers discovered a flaw in the open-source Zimbra code. As a result, an attacker would gain unrestricted access to all sent and received emails...

Apple Releases patches for an actively exploited zero-day flaw in ios, macOS

Apple on Monday Release an urgent security patch for iOS,macOS, iPadOS, to address a zero-day flaw that has been actively exploited.Apple has revealed that...

More Articles Like This