A parking app that's seen an average of 19,000 monthly uses in Rochester this year was recently hit by a cybersecurity breach, but the company reports no credit card information was accessed.
ParkMobile, the nation’s largest parking application allowing people to pay for parking through their smartphones, notified users about the breach in March, and last week it released the results of an investigation into the incident.
Rochester contracted with ParkMobile in 2018 to allow users to pay for city parking through their phones by linking to credit card accounts.
While credit card information and transaction history were not accessed, ParkMobile said basic user information was tapped during the breach. It included license plate numbers, email addresses, phone numbers and vehicle nicknames, if provided by the user. In a small percentage of cases, mailing addresses were also affected.
The company said encrypted passwords were accessed, but the encryption keys required to read them remained secure.
ADVERTISEMENT
ParkMobile said it does not collect Social Security numbers, driver’s license numbers or dates of birth often targeted in such breaches.
Nick Lemmer, Rochester communications coordinator, said it’s difficult to say how many local users exist or how many were affected by the breach, but Rochester averaged 19,453 transactions on the app per month in the first three months of the year.
With the uncertainty of who could be affected, Lemmer said the city is recommending anyone who has downloaded the phone application follow ParkMobile guidance.
“We take extensive measures to protect user passwords,” the company said in its notice. “However, as an added precaution, users can change their password in the “Settings” section of the ParkMobile app or on the web. … We recommend always using unique passwords for different online accounts.”
The website can be accessed at https://app.parkmobile.io/ to login in and change settings.
