Parking Databreach Hits Airports

Park ‘N Fly’s tagline—”More Than Just Parking”—was proven quite correct Tuesday (Dec. 16) when its customers were also given a large payment data breach, according to a report from Krebs On Security.

“Multiple financial institutions say they are seeing a pattern of fraud that indicates an online credit card breach has hit Park-n-Fly, an Atlanta-based offsite airport parking service that allows customers to reserve spots in advance of travel via an Internet-based reservation system,” the Krebs story noted. “The security incident, if confirmed, would be the latest in a string of card breaches involving compromised payment systems at parking services nationwide.”

The nature of the data grabbed would only support fraudulent online purchases, as it accessed insufficient data for full card cloning to make physical store purchases.

Krebs pointed out other recent parking breaches. “Last month, SP Plus — a Chicago-based parking facility provider — said payment systems at 17 parking garages in Chicago, Philadelphia and Seattle that were hacked to capture credit card data after thieves installed malware to access credit card data from a remote location. Card data stolen from those SP+ locations ended up for sale on a competing cybercrime store called Goodshop. In Missouri, the St. Louis Parking Company recently disclosed that it learned of breach involving card data stolen from its Union Station Parking facility between Oct. 6, 2014 and Oct. 31, 2014.”