Local

Report: Parking app used in Charlotte says users’ personal info was breached

ATLANTA — An app, which is used in several cities to let people pay for public parking, reported its users’ personal information has been breached.

ParkMobile has been used in Charlotte for several years and, according to its website, “makes it easy to find and pay for parking without running back to feed the meter.”

[City adds pay by phone for uptown parking]

The company told officials that it became aware of the breach, which happened in March and involved third-party software used by the company.

According to the company, about 21 million accounts were accessed, including Charlotte users. Officials said no parking transaction data or credit card information was compromised.

“Only basic account information was accessed. This includes license plate numbers, as well as email addresses, phone numbers, and vehicle nicknames, if provided by the user. In a small percentage of cases, mailing addresses were also affected,” ParkMobile said in a statement.

The company said it does not collect information like Social Security numbers, driver’s license numbers or dates of birth, so no data of that kind was compromised.

“Upon discovery of the incident, the vulnerability was identified and eliminated immediately. ParkMobile currently has very strong security protocols in place. Cybersecurity threats are constantly evolving. We have to continue to evolve as well. We take security very seriously and will continue to invest in the people, processes, and tools to protect our business, users, and clients from bad actors,” the company said in a statement.

Encrypted passwords were also accessed, the company stated.

The company encourages users to change their passwords immediately.

The account information for any user who signed up for ParkMobile after March 17, 2021 would not be affected.

Read ParkMobile’s full statement to the Charlotte Department of Transportation below:

ParkMobile’s outreach to customers is ongoing as we have currently posted updates on our website homepage (https://parkmobile.io/), and are developing an email to customers as well as in-app messaging.

Our investigation determined about 21 million accounts were accessed, including Charlotte users. No parking transaction data or credit card information was compromised. Only basic account information was accessed. This includes license plate numbers, as well as email addresses, phone numbers, and vehicle nicknames, if provided by the user. In a small percentage of cases, mailing addresses were also affected. ParkMobile does not collect information like Social Security numbers, driver’s license numbers, or dates of birth. No data of that kind is part of this incident. The account information for any user who signed up for ParkMobile after March 17, 2021 would not be affected.

Upon discovery of the incident, the vulnerability was identified and eliminated immediately. ParkMobile currently has very strong security protocols in place. Cybersecurity threats are constantly evolving. We have to continue to evolve as well. We take security very seriously and will continue to invest in the people, processes, and tools to protect our business, users, and clients from bad actors.