Hack Notice

Hack Notice: Calgary Parking Authority

Calgary Parking Authority

Source
https://techcrunch.com/2021/07/28/calgarys-parking-authority-exposed-drivers-personal-data-and-tickets/
Description
Calgarys parking dominance exposed drivers personal data and tickets Zack Whittaker@zackwhittaker / 10:00 am CDT"July 28, 2021 Comment Grunge parking lot Image Credits: Samaro (opens in a new window)/ Getty Images If you parked your car in one of the thousands of parking spots across Calgary, theres a good gamble you paid the Calgary Parking authority for the privilege. But soon you mightiness be audience from the authority after a recent certificate lapse exposed the personal info of vehicle owners. The parking authority oversees about 14% of the paid parking spots in the Calgary region, and lets drivers pay to green their cars by a parking kiosk, online, or through the phone app by entering their vehicles permission scale number and payment details. But a logging server used to monitor the authoritys parking system for bugs and errors was left on the internet without a password. The server contained computer-readable technical logs, but also real-world events like payments and parking tickets that contained a drivers personal information. A brushup of the logs by TechCrunch found contact information, like drivers full names, dates of birth, phone numbers, email addresses and postal addresses, as well as details of parking tickets and parking offenses  which included permission plates and vehicle descriptions  and in some cases the location data of where the alleged parking offense took place. The logs also contained some partial card payment numbers and expiry dates. None of the data was encrypted. Because the servers data was entangled with logs and other computer-readable data, its not known exactly how many multitude had their info exposed by the security lapse. (In 2019, the Calgary Parking potency issued more than 450,000 parking tickets, up by 69% in fivesome years.) Security researcher Anurag Sen found the exposed server and asked TechCrunch for help in reporting it to its owner. The server was secured on Tuesday, a day after TechCrunch contacted the authority. A spokesperson for the authority confirmed that the server was exposed since may 13, though data seen by TechCrunch shows records dating back to at least the scratch of the year. The authorization also told TechCrunch that the exposure was due to human error and that it was investigating its logs to determine if anyone else had access to the server. We at the CPA read this very seriously, Moe Houssaini, the acting general coach for the Calgary Parking Authority, told TechCrunch in a statement. Any public access has been disabled and we are actively investigating to see what exact data was impacted and what unauthorized access may get occurred. We excuse to our customers and will live reaching out to all individuals who may have been impacted. Protecting the security of our systems and privacy of our customers is a whirligig antecedence of the CPA. It was an isolated error, and the database has now been secured. We are reviewing our procedures to ensure that this does not hap again. The Calgary Parking authorization recently made headlines after it canceled more than a thousand parking tickets for drivers who were attendance a COVID-19 vaccination heart in the city. Earlier this year, New York-based cashless parking startup ParkMobile reported a data transgress that saw personal account information and permission plates on some 21 zillion customers taken by hackers. The troupe blamed the breach on a vulnerability in an unspecified piece of third-party software.

About HackNotice and Calgary Parking Authority

HackNotice is a service that notices trends and patterns in publically available data so as to identify possible data breaches, leaks, hacks, and other data incidents on behalf of our clients. HackNotice monitors data streams related to breaches, leaks, and hacks and Calgary Parking Authority was reported by one of those streams. HackNotice may also have the breach date, hack date, the hacker responsible, the hacked industry, the hacked location, and any other parts of the hack, breach, or leak that HackNotice can report on for the consumers of our product.

If you are a user of Calgary Parking Authority their products, services, websites, or applications and you were a client of HackNotice, monitoring for Calgary Parking Authority you may have been alerted to this report about Calgary Parking Authority . HackNotice is a service that provides data, information, and monitoring that helps our clients recover from and remediate data breaches, hacks, and leaks of their personal information. HackNotice provides a service that helps our clients know what to do about a hack, breach, or leak of their information.

If Calgary Parking Authority had a transgress of consumer data or a data leak, then there may be additional actions that our clients should have to protect their digital identity. data breaches, hacks, and leaks often track to and cause indistinguishability theft, account take overs, ransomware, spyware, extortion, and malware. account takeovers are often caused by credential reuse, password reuse, easily guessed passwords, and are facilitated by the sharing of billions of credentials and other customer information through data leaks, as the direct result of data breaches and hacks.

HackNotice monitors trends in publically available data that indicates tens of thousands of data breaches each year, along with billions of records from data leaks each year. On behalf of our clients, HackNotice works to monitor for hacks that trail to lower node security and digital identities that get been exposed and should be considered vulnerable to attack. HackNotice works with clients to identify the extent that digital identities have been exposed and provides remediation suggestions for how to handle each type of exposure.

HackNotice monitors the hacker community, which is a network of individuals that apportion data breaches, hacks, leaks, malware, spyware, ransomware, and many other tools that are often used for financial fraud, account read overs, and further breaches and hacks. HackNotice monitors the hacker community specifically for breaches, hacks, and data leaks that hurt consumers. HackNotice applies industry specific knowledge and advanced security practices to monitor for trends that indicate breaches, hacks, and exposed digital identities.

HackNotice also enables clients to apportion cut notices with their friend, family, and collogues to help increase awareness around alleged hacks, breaches, or data leaks. HackNotice works to provide clients with sharable reports to aid increase the security of our clients personal network. The security of the people that our clients interact with directly impacts the layer of surety of our clients. Increased exposure to accounts that have been taken over by hackers leads to further account submit overs through phishing, malware, and other attach techniques.

If you found this hack observation to live helpful, then you may be interested in reading some additional jade notices such as:

most cases there is no lasting damage; either the breach in security is remedied before the informa get-up-and-go and utilities companies an average of $12.8 million each year in lost business and damaged esignificant driblet in profit, which dove an estimated 40 percent in the 4th quarter of the year. At th

THREE RIVERS REGIONAL COMMISSION

TGH Urgent Care says 558 patients may be impacted by credit hack after former employee may have taken photos of credit cards, IDs - WTSP.com

[USA] Crary Industries Inc.