Another online airport parking reservation service has apparently been hit by a payment card breach — and once again the breach has links to the massive card thefts from Target and Home Depot, according to Krebs on Security.
In late January, a new batch of credit card numbers that appear to have been stolen from Book2Park.com, a suburban Washington, D.C., parking reservation service, appeared for sale on the same cards-for-sale site where millions of cards stolen from Target and Home Depot appeared. Cards from two other parking reservation services — Atlanta-based Park ‘N Fly and suburban-Cincinnati-based OneStopParking.com — have also recently shown up on the site. Both those companies confirmed last month that they had been breached.
Book2Park.com owner Anna Infante said she was not aware that potentially thousands of her customers’ cards were for sale online. But she said a technology firm the company contracts with did recently discover and remove malicious files that were somehow planted on Book2park’s Web server. “We already took action on this, and we are totally on it,” Infante said. “We are taking all further steps in protecting our customers and reporting this to the proper authorities.”
However, several banks told security investigator Brian Krebs that they had each acquired a handful of stolen credit card numbers from a batch that was recently posted online for sale. Each of the financial institutions found the same pattern: All the cards they bought had been issued to customers who recently made airport parking reservations at Book2Park.com.
Unlike the card accounts stolen from OneStopParking and Park ‘N Fly, which sold for prices between $6 and $13, the cards taken from Book2Park’s site mostly fetch prices ranging from $12 to $18. This could be because most of those cards were issued by European banks, which tend to sell for higher prices on the site.
Book2Park.com offers parking reservations at 90 U.S. airports and seaports, but there’s no clear connection with the other two parking services, either in their current or previous hosting infrastructures or Web technologies, Krebs said.
We’re always on the lookout for opportunities to partner with innovators and disruptors.
Learn More