Saturday, December 4, 2021

Parking app ParkMobile experiences data breach of 21M Users

Must Read

Cyber Helpline Receives Lottery Funding to Assist Growing Number of Victims

The Cyber Helpline, a volunteer organization that delivers emergency help to victims of cybercrime and cyber-stalking in the united...

SA’s 11 million Players warned of targeted cyber attacks

The worldwide gaming market has seen significant growth under lockdown, during a period when it had been rated the...

8 Percent of Google Play apps vulnerable to an Older security bug

Devs haven't upgraded a vital library within their programs, leaving users vulnerable to harmful attacks. A number of those...

The popular mobile app that drivers use to pay and find available public parking in Pittsburgh and in other cities experienced a data breach several weeks ago that affected 21 million users nationwide.

ParkMobile is an Atlanta, GA-based company that offers a free app allowing users to find open parking spaces across the United States and pay from the comfort of their cars through their smartphones to save the time needed to fiddle with the meter.

Someone is selling account information for 21 million customers of ParkMobile, a mobile parking app that’s popular in North America. The stolen data includes customer email addresses, dates of birth, phone numbers, license plate numbers, hashed passwords, and mailing addresses.

The sample data from ParkMobile shared by a hacker on a cybercrime forum reveals data allegedly belonging to some big names.

The Pittsburgh Parking Authority Tuesday confirmed the breach, saying that hackers broke in and stole some users’ personal information. Authority officials said, however, that credit card information and Social Security numbers were not breached.

Asked about the sales thread, Atlanta-based ParkMobile said the company published a notification on Mar. 26 about “a cybersecurity incident linked to a vulnerability in a third-party software that we use.”

“In response, we immediately launched an investigation with the assistance of a leading cybersecurity firm to address the incident,” the notice reads. “Out of an abundance of caution, we have also notified the appropriate law enforcement authorities. The investigation is ongoing, and we are limited in the details we can provide at this time.”

However, cybersecurity researchers at Gemini Advisory soon discovered a database from the breach being offered for purchase on several hacker forums including Russian-speaking cybercrime forums. The data included in the listing concern email addresses, phone numbers, license plate numbers for all registered vehicles of a user, and hashed passwords

The data items that have not been accessed because they were not present in the ParkMobile database, to begin with, are parking history, location history, social security numbers, driver’s license numbers, and plaintext passwords. 

If you’re a ParkMobile user, changing your account password might be a pro move. 

On the other hand, the dark web seller has set a price tag of $125,000 which is a little high. So ParkMobile users may have some time before their details are massively leaked.

a2434345d63481a40f0d145881b41013?s=96&d=mm&r=g
Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.

Leave a reply

Please enter your comment!
Please enter your name here

Latest News

Panasonic Suffers Data Breach After attackers access internal network

Tech manufacturing giant Panasonic has confirmed that its network was accessed illegally this month during a cyberattack.Panasonic has disclosed a security...

Unified endpoint management automation software to boost endpoint security

Endpoints are constantly connected to the internet, so they offer a gateway for cyberattacks. Endpoint security is simply the process of protecting your endpoints, be...

Attackers Using Morse Code in phishing campaign to Evade Detection

Microsoft on Thursday revealed the techniques used by attackers to avoid detection using morse code in the phishing campaign.Microsoft also revealed the workings of...

Murata Manufacturing suffers data breach of employees and customer

Japanese electronic components manufacturer Murata has released an apology Notice for the data breach of thousands of files in June that contained bank account...

Everything about Signalling System 7(SS7)

Signaling System 7 (SS7) is an international telecommunication protocol standard that controls and regulates the network elements in a public switched telephone network (PSTN)....

More Articles Like This