EasyPark has confirmed it was hit by a cyber attack where customer data was leaked and made public online.
The company, which runs apps to help people find parking, said in an alert to customers that it discovered the breach on December 10, 2023.
According to BleepingComputer, the announcement provided no details about what exactly happened, or how many people were affected. However, a company spokesperson told the publication that a “portion of European users” were affected, which should mean the incident is largely within the EasyPark app.
Stay alert
Depending on the information users provided to the platform, the hackers stole some or all of the following data: names, phone numbers, physical addresses, email addresses and some digits of their credit/debit card or IBAN.
Although “several digits of a credit card” were stolen, the company claims the hackers do not have enough data to carry out unauthorized transactions or bank fraud. However, the threat actors will have enough information about EasyPark users to carry out phishing attacks, identity theft or the like, so caution should be exercised, especially when receiving messages claiming to be from the company. Users are also advised to reset their account passwords and update their login details on all other platforms where they may have used the same username and password combination.
Affected individuals will be notified via the EasyPark app, email and SMS, the company further explained. “To find out if you are affected, open the app,” it said. At the time of writing, EasyPark continues to function normally. The company is currently working to strengthen its safety record and has notified police in Sweden. Great Britain and Switzerland.
At this time, no hacking group has claimed responsibility for the attack or requested payment in exchange for the data.