EasyPark has confirmed it was hit in a cyberattack that saw customer data breached and revealed online.
The company, which runs apps to help people find parking spots, said in an alert to customers that it discovered the breach on December 10 2023.
According to BleepingComputer, the announcement did not hold any details about what exactly happened, or how many people were affected. However, a company spokesperson told the publication that a “portion of European users” were affected, which should mean the incident is contained mostly within the EasyPark app.
Depending on what information the users provided the platform with, the hackers stole some, or all, of the following data entries: names, phone numbers, physical addresses, email addresses, and some digits of their credit card/debit card or IBAN.
While “some digits of a credit card” were stolen, the company claims the hackers don’t have enough data to make unauthorized transactions or wire fraud. However, the threat actors will have enough information on EasyPark users to mount phishing attacks, identity theft, or similar, so caution is advised, especially when receiving messages claiming to be coming from the company. Users are also advised to reset their account passwords and update their login credentials on all other platforms where they may have used the same username/password combination.
Impacted individuals will be notified through the EasyPark app, email, and SMS, the company further explained. “If you want to know if you are affected, please open the app,” it said. At the time of press, EasyPark continues to operate normally. The company is currently working on strengthening its security standing and has notified the police in Sweden, the UK, and Switzerland.
At the moment, no hacking group has claimed responsibility for the attack, nor asked for payment in exchange for the data.