EasyPark data breach may affect millions of customers

Data Breach
Image Credit: Shutterstock (Image credit: Shutterstock)

EasyPark has confirmed it was hit in a cyberattack that saw customer data breached and revealed online.

The company, which runs apps to help people find parking spots, said in an alert to customers that it discovered the breach on December 10 2023.

According to BleepingComputer, the announcement did not hold any details about what exactly happened, or how many people were affected. However, a company spokesperson told the publication that a “portion of European users” were affected, which should mean the incident is contained mostly within the EasyPark app. 

Reader Offer: Save up to 68% on Aura identity theft protection

Reader Offer: Save up to 68% on Aura identity theft protection
TechRadar editors praise Aura's upfront pricing and simplicity. Aura also includes a password manager, VPN, and antivirus to make its security solution an even more compelling deal. Save up to 50% today. 

 Preferred partner (What does this mean?) 

Staying vigilant

Depending on what information the users provided the platform with, the hackers stole some, or all, of the following data entries: names, phone numbers, physical addresses, email addresses, and some digits of their credit card/debit card or IBAN.

While “some digits of a credit card” were stolen, the company claims the hackers don’t have enough data to make unauthorized transactions or wire fraud. However, the threat actors will have enough information on EasyPark users to mount phishing attacks, identity theft, or similar, so caution is advised, especially when receiving messages claiming to be coming from the company. Users are also advised to reset their account passwords and update their login credentials on all other platforms where they may have used the same username/password combination.

Impacted individuals will be notified through the EasyPark app, email, and SMS, the company further explained. “If you want to know if you are affected, please open the app," it said. At the time of press, EasyPark continues to operate normally. The company is currently working on strengthening its security standing and has notified the police in Sweden, the UK, and Switzerland. 

At the moment, no hacking group has claimed responsibility for the attack, nor asked for payment in exchange for the data. 

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.