EasyPark Group, the largest parking app operator in Europe with over 17 million users, recently experienced a data breach that exposed customer information. In mid-December 2023, the company discovered it had been the victim of a cyberattack that resulted in unauthorized access to some user data across its various parking apps, including EasyPark, RingGo, and ParkMobile.
While no sensitive parking data has been leaked according to the company, a lot of personal information such as people’s names and phone numbers have been exposed. Let’s take a look at what happened in more detail.
What Information Has Been Compromised?
The breach exposed customers' names, phone numbers, addresses, email addresses, and partial credit card numbers according to EasyPark. However, the company emphasized that no sensitive parking data, vehicle registration details, or full payment card information was obtained in the attack. The incident also did not enable any unauthorized parking transactions.
Upon discovering the breach, EasyPark immediately notified impacted customers and relevant regulatory bodies, including data protection authorities in Switzerland, Sweden, and the EU. The company urged customers to be vigilant against potential phishing attempts using the compromised information and expressed regret over the incident.
EasyPark has reassured people that while partial details of their credit cards have been leaked as part of the data breach, they can’t be used to make payments. In fact, according to the company, no combination of the information that’s been leaked can be used to make payments.
Nevertheless, the company has reminded people that they should be wary of phishing attempts.
Incident Highlights Cyber Risks Faced by Mobile Payment Platforms
This latest parking app data breach highlights the growing threat of cyberattacks faced by mobile payment platforms as city parking shifts away from cash to apps like EasyPark, RingGo, and PayByPhone. Even routine customer data can empower fraudsters, underscoring the need for robust cybersecurity controls, encryption, and prompt breach notification procedures.
Data Security Essential for Parking Companies to Maintain Trust
With parking apps gaining popularity for their convenience, consumers also need to be cautious of phishing scams in the aftermath of such breaches. The EasyPark incident serves as a sobering reminder that prioritizing data security is essential to maintaining customer trust.
As parking businesses integrate sensitive financial and personal information into their platforms, they must implement cybersecurity best practices to detect and prevent attacks. Comprehensive breach responses are also critical. This high-profile breach of the largest parking app operator in Europe demonstrates parking companies remain attractive targets for cybercriminals.
Scrutiny Expected on EasyPark's Controls and Incident Response
Regulators will likely scrutinize EasyPark's security controls and incident response. But the breach also signals that more work is needed industry-wide to protect customer data and maintain public confidence as parking apps become ubiquitous in cities across the globe.