Parking app developer EasyPark has revealed a discover on its web site warning of a knowledge breach it found on December 10, 2023, which impacts an unknown variety of its tens of millionsĀ of customers.
EasyPark is a Swedish firm that creates cellular and net apps that function parking area locators, reserving managers, and EV charging level finders.
The corporate operates digital parking companies in 20 international locations and over 4,000 cities, protecting most of Europe, the USA, Australia, New Zealand, and the UK.
The EasyPark app (Europe-focused) hasĀ over 10 million downloadsĀ on Google Play, whereas its different apps,Ā RingGoĀ (UK-focused) andĀ ParkMobileĀ (US-focused), have 5 million installs every.
As reported by BleepingComputer,Ā ParkMobile disclosed an enormous information breachĀ in 2021 that uncovered the stolen information for 21 million prospects.Ā This database was subsequently launched free of charge on a hacking discussion board.
Though a agency spokesperson has declined to supply particulars about this new breach and what number of prospects had been impacted, they informed BleepingComputer {that a} portion of European customers had been affected, indicating that the incident issues primarily EasyPark app customers.
The corporate’s announcement mentions that some prospects have had the next data compromised, relying on what they’ve supplied to the platform:
- Identify
- Cellphone quantity
- Bodily deal with
- E-mail deal with
- Some digits of their bank card/debit card or IBAN
The above may assist cybercriminals launch efficient phishing assaults towards the uncovered EasyPark customers, which the corporate warns explicitly about within theĀ information breach discover.
Nevertheless, the corporate clarifies that the disclosed information doesn’t pose a threat for executing unauthorized transactions, and no such actions have resulted from the cybersecurity incident.
Customers who’re impacted by this incident will obtain customized notices from EasyPark by way of in-app messages, push notifications, e mail, and SMS.
“If you wish to know in case you are affected, please open the app,” suggests the FAQ on the info breach discover.
Right now, the app’s companies proceed to be accessible as regular, whereas EasyPark’s safety staff is implementing extra safety and privateness measures to make sure that the antagonistic results of the incident have been contained.
The info safety authorities in Sweden, the UK, and Switzerland have been notified in regards to the incident.
As a precaution, and for the reason that nature of the cybersecurity incident stays undisclosed, it will be prudent for all customers to reset their account passwords and do the identical on all on-line platforms the place they may be utilizing the identical credentials.
On the time of writing, no ransomware teams have taken accountability for an assault on EasyPark.
Nevertheless, menace actors have already began in search of the stolen information in hacking discussion board posts seen by BleepingComputer.
