If you're a user of ParkMobile, the popular parking app, your credentials were just leaked on line after a breach. KrebsonSecurity reported this week that someone is selling account information for 21 million customers of Park Mobile. The stolen customer data includes email addresses, dates of birth, phone numbers license plate number, hashed passwords, and mailing addresses.
On March 26, ParkMobile published a security notification about "a cybersecurity incident linked to a vulnerability in a third-party software that we use."
“In response, we immediately launched an investigation with the assistance of a leading cybersecurity firm to address the incident,” the notice reads. “Out of an abundance of caution, we have also notified the appropriate law enforcement authorities. The investigation is ongoing, and we are limited in the details we can provide at this time.”
What's interesting about this is actually pretty typical in breaches. The company became aware of the event but didn't know the full extent of the damage immediately. Gemini Advisory, a New York City based threat intelligence firm that keeps a close eye on cybercrime forums, found the data.
What does this mean for you? Here's a few things we recommend.
- Assume your information will find its way to the dark web after any breach.
- Using tools like Dark Web Monitoring can help ID your data on the dark web, like an early warning system.
- Be aware that companies that have experienced a breach, even if they report early, don't know the full extent of the damage right away.
- NEVER re-use passwords for multiple sites. Criminals use a technique called "credential stuffing" to test your passwords at other sites.
- Use a business class password manager to securely store your passwords and enable you to have unique and STRONG passwords for every site you work with.
This is the world we live in, and adjustments are needed. Cyber crime is the biggest form of organized crime, and this is where the money is for criminals. The price tag on this list of data is $125,000, and the criminals are busy looking for more deals. The more you know, the more you can help yourself, your team, and your family stay safe on line.
Got questions? Give us a call to set up a complimentary consultation.