Parking app developer EasyPark has printed a discover on its web site warning of an information breach it found on December 10, 2023, which impacts an unknown variety of its hundreds of thousands of customers.
EasyPark is a Swedish firm that creates cell and net apps that function parking area locators, reserving managers, and EV charging level finders.
The corporate operates digital parking companies in 20 nations and over 4,000 cities, overlaying most of Europe, the US, Australia, New Zealand, and the UK.
The EasyPark app (Europe-focused) has over 10 million downloads on Google Play, whereas its different apps, RingGo (UK-focused) and ParkMobile (US-focused), have 5 million installs every.
As reported by BleepingComputer, ParkMobile disclosed a large information breach in 2021 that uncovered the stolen information for 21 million clients. This database was subsequently launched totally free on a hacking discussion board.
Though a agency spokesperson has declined to offer particulars about this new breach and what number of clients have been impacted, they instructed BleepingComputer {that a} portion of European customers had been affected, indicating that the incident considerations primarily EasyPark app customers.
The corporate’s announcement mentions that some clients have had the next info compromised, relying on what they’ve offered to the platform:
- Title
- Telephone quantity
- Bodily deal with
- E mail deal with
- Some digits of their bank card/debit card or IBAN
The above may assist cybercriminals launch efficient phishing assaults in opposition to the uncovered EasyPark customers, which the corporate warns explicitly about within the information breach discover.
Nevertheless, the corporate clarifies that the disclosed information doesn’t pose a threat for executing unauthorized transactions, and no such actions have resulted from the cybersecurity incident.
Customers who’re impacted by this incident will obtain customized notices from EasyPark through in-app messages, push notifications, e mail, and SMS.
“If you wish to know in case you are affected, please open the app,” suggests the FAQ on the info breach discover.
At the moment, the app’s companies proceed to be accessible as regular, whereas EasyPark’s safety workforce is implementing further safety and privateness measures to make sure that the opposed results of the incident have been contained.
The information safety authorities in Sweden, the UK, and Switzerland have been notified in regards to the incident.
As a precaution, and for the reason that nature of the cybersecurity incident stays undisclosed, it could be prudent for all customers to reset their account passwords and do the identical on all on-line platforms the place they could be utilizing the identical credentials.
On the time of writing, no ransomware teams have taken accountability for an assault on EasyPark.
Nevertheless, risk actors have already began in search of the stolen information in hacking discussion board posts seen by BleepingComputer.
