EasyPark Reveals Massive Data Breach: Millions of Users Potentially Affected

EasyPark’s Millions of Users Potentially Affected by Data Breach

Swedish parking app developer EasyPark recently disclosed a data breach on its website, which was discovered on December 10, 2023. The breach has impacted an unknown number of its millions of users, while the company remains tight-lipped about the specifics.

EasyPark creates mobile and web apps that help users find parking spaces, manage bookings, and locate EV charging points. With digital parking services in over 4,000 cities across 20 countries, including most of Europe, the United States, Australia, New Zealand, and the UK, EasyPark is quite popular. Its Google Play downloads for the Europe-focused app alone exceed 10 million, with the UK-focused RingGo and US-focused ParkMobile apps boasting 5 million installs each.

In 2021, we reported on a massive data breach involving ParkMobile that exposed the stolen data of 21 million customers. This database was subsequently released for free on a hacking forum.

Data Breach Details and User Impact

EasyPark has not revealed the extent of the new breach or the number of customers affected. However, a spokesperson stated that a portion of European users had been impacted, suggesting the primary concern is for EasyPark app users.

Depending on the information users provided to the platform, the breach compromised:

• Name
• Phone number
• Physical address
• Email address
• Some digits of their credit card/debit card or IBAN

Such data can be used by cybercriminals to launch effective phishing attacks against exposed EasyPark users. The company has explicitly warned about this in its data breach notice.

However, EasyPark clarified that the disclosed data does not pose a risk for executing unauthorized transactions, and no such activities have resulted from the cybersecurity incident.

Notifications and Precautions

Impacted users will receive personalized notices from EasyPark via in-app messages, push notifications, email, and SMS. The FAQ on the data breach notice suggests users open the app to find out if they are affected.

Services remain accessible as normal, and EasyPark’s security team is implementing additional security and privacy measures to contain the adverse effects of the incident. Data protection authorities in Sweden, the United Kingdom, and Switzerland have been notified.

As a precaution, it is advisable for all users to reset their account passwords and do the same for any online platforms where they might be using the same credentials. At the time of writing, no ransomware groups have claimed responsibility for an attack on EasyPark, but threat actors have already started looking for the stolen data in hacking forum posts.

Stay Informed and Protect Your Data

It’s essential to stay informed about the latest cybersecurity threats and take steps to protect your data. We at IT Services are committed to providing you with the information and tools you need to stay safe online. Keep coming back to learn more about the latest threats and the best practices for protecting your sensitive information. If you have any questions or concerns, don’t hesitate to contact us for assistance.