IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Municipal Parking App Reports Cybersecurity Breach

ParkMobile, which provides a digital parking-payment app for Keene, N.H., and other municipalities, was the victim of a data breach that accessed users' information, the company has announced.

a nearly empty parking lot seen from the air
Shutterstock/Andreas Altenburger
(TNS) — ParkMobile, which provides a digital parking-payment app for Keene, N.H., streets and lots, was the victim of a data breach that accessed users' information, the company has announced.

In a March 26 security notification, the Atlanta-based firm said it had recently become aware of a "cybersecurity incident" related to a vulnerability in third-party software.

An investigation into the incident found that the data accessed includes users' license plate numbers and, if provided, email addresses and phone numbers, ParkMobile said in a separate notice Tuesday. In a small percentage of cases, the company said, it includes users' mailing addresses.

Data accessed in the security breach also includes encrypted passwords but not the encryption keys needed to read them, ParkMobile announced. Still, it encouraged users to consider changing their passwords for the app.

No credit card information or parking transaction history were accessed, the company said Tuesday.

ParkMobile spokesman  Jeff Perkins  did not immediately respond to a request from The Sentinel for more information Tuesday morning.

KrebsOnSecurity, a cybersecurity blog run by former Washington Post reporter  Brian Krebs , reported the breach Monday.

KrebsOnSecurity learned of the breach from a New York City threat-intelligence firm that monitors cybercrime, the blog reported. Account information for 21 million ParkMobile users that was accessed in the incident is being sold online, KrebsOnSecurity reported, citing information from a Russian-language web forum.

Keene began using ParkMobile in January 2014. The mobile app allows people to pay for parking on their phone, with users asked to identify where they parked and to provide their license plate and payment information.

Keene officials did not immediately respond to a request for more information, including an inquiry into whether the city had been informed of the ParkMobile breach.

This article has been updated with information from a security notification that ParkMobile released Tuesday.

(c)2021 The Keene Sentinel (Keene, N.H.). Distributed by Tribune Content Agency, LLC.