Update: Security Notification - March 2021 - Settlement

UPDATE: December 5, 2024

If you are an individual whose Personal Information was impacted by the March 2021 Data Breach announced by ParkMobile, a class action settlement may affect your rights.

For additional information, please access www.ParkMobileSettlement.com.

_____________________________________

UPDATE: November, 15, 2024

At ParkMobile, the trust of our customers is our top priority. We are aware that some of our customers are taking steps to safeguard their information by using third-party applications to monitor their personal data. Recently, we have received an increase in calls related to a third-party platform notifying customers that their information may have been involved in a potential cybersecurity incident.

To clarify, the incident referenced in these alerts may relate to a cybersecurity incident from March 2021. ParkMobile has not experienced a similar incident since 2021. 

Following the March 2021 event, we immediately launched an investigation, quickly eliminated a third-party vulnerability, and continue to maintain our security and monitor our systems. We also notified our customers and appropriate law enforcement and data protection authorities. More details regarding the March 2021 incident may be found below.

As an additional security measure, we have recently changed our login process. Our application no longer requires users to create or maintain passwords; instead we require multi-factor authentication (MFA) through a secure magic link to access your account.

Please rest assured we take seriously our responsibility to safeguard the security of our customers’ information and appreciate your continued trust.

 

UPDATE: April 15, 2021

This notice applies to users of the ParkMobile app and city/operator branded white-label apps.*

As we shared in our security notification on March 26, we became aware of a cybersecurity incident in March linked to a vulnerability in a third-party software that we use. In response, we immediately launched an investigation with the assistance of a leading cybersecurity firm to address the incident. We quickly eliminated the third-party vulnerability, and we continue to maintain our security and monitor our systems. Out of an abundance of caution, we also notified the appropriate law enforcement authorities.

We recently concluded our investigation and are now updating our users of the findings. Below are the key points about the incident.

  1. The investigation confirmed that no credit card information was accessed.
  2. No data related to a user’s parking transaction history was accessed.
  3. Only basic user information was accessed. This includes license plate numbers, as well as email addresses, phone numbers, and vehicle nicknames, if provided by the user. In a small percentage of cases, mailing addresses were also affected.
  4. Encrypted passwords were accessed, but not the encryption keys required to read them. We protect user passwords by encrypting them with advanced hashing and salting technologies.
  5. We do not collect Social Security numbers, driver’s license numbers, or dates of birth.

We take extensive measures to protect user passwords. However, as an added precaution, users can change their password in the “Settings” section of the ParkMobile app or on the web by clicking this link. We recommend always using unique passwords for different online accounts.

Click here for step-by-step instructions on how to change user passwords.

As the largest parking app in the U.S., the trust of our users is our top priority. Please rest assured we take seriously our responsibility to safeguard the security of our users’ information.

*City/operator branded white-label apps include Go Mobile PGH, Park Columbus, meterUp, MPLS Parking, Park Houston, ParkLouie, MKE Park, FW Park, Park It Charlotte, ParkNYC, 717 Parking, Park 915, and Premier Parking.

 

Previous Notification from April 13, 2021

In keeping with our commitment to transparency, we want to share an update on the cybersecurity incident we announced last month.

Our investigation concluded that encrypted passwords, but not the encryption keys needed to read them, were accessed. While we protect user passwords by encrypting them with advanced hashing and salting technologies, as an added precaution, users may consider changing their passwords in the "Settings" section of the ParkMobile app or by clicking this link.

Our investigation has confirmed that basic user information – license plate numbers and, if provided by the user, email addresses and/or phone numbers, and vehicle nicknames – was accessed. In a small percentage of cases, mailing addresses were affected. No credit cards or parking transaction history were accessed, and we do not collect Social Security numbers, driver’s license numbers, or dates of birth.

Please rest assured we take seriously our responsibility to safeguard the security of our users’ information and appreciate your continued trust.

 

Previous Notification from March 26, 2021

We recently became aware of a cybersecurity incident linked to a vulnerability in a third-party software that we use. In response, we immediately launched an investigation with the assistance of a leading cybersecurity firm to address the incident. Out of an abundance of caution, we have also notified the appropriate law enforcement authorities.

The investigation is ongoing, and we are limited in the details we can provide at this time. Our investigation indicates that no sensitive data or Payment Card Information, which we encrypt, was affected. Meanwhile, we have taken additional precautionary steps since learning of the incident, including eliminating the third-party vulnerability, maintaining our security, and continuing to monitor our systems.

We take seriously our responsibility to safeguard the security of our customers’ information. We will update this page if any new information is determined.

Was this article helpful?
748 out of 1134 found this helpful
Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.