In the month of November, a peculiar and alarming hacker attack occurred in our country.
The one who suffered a violation, thus demonstrating an unexpected weakness, was none other than the website of Federprivacy, an association of Italian privacy and data security professionals.
In the same matter of days, a Clusit report examined 1,382 global attacks launched in the first half of 2023. And for Italy things don’t seem to be going well: if the growth of offensives, at a global level, has slowed down (despite an 11% growth compared to the previous survey), in our country the increase was even 40%.
And now, barring last-minute surprises, the year ends with a hacker attack on EasyPark, Europe’s largest parking app. Let’s find out what happened.
The hacker attack on EasyPark
The news of the hacker attack on EasyPark was published in a note that appeared on the company’s official website only in the last few hours (perhaps, we hypothesize, to avoid suffering an image backlash during the Christmas holidays).
Ma the offensive, as we can read, dates back to December 10th. “On December 10, 2023, we discovered that we had been the victim of a cyber attack. The attack resulted in the breach of non-sensitive customer data.
The safety of our customers is a priority for us and we want you to be fully informed regarding this incident.”
What happened
EasyPark’s transparency regarding the hacker attack of October 10th is commendable.
The note explains that some customers (the number was not released) were victims of a data breach. The company specifies that it will contact all affected users, and that with the attack the attackers had access to some contact information such as name, telephone number, physical address and/or email address.
“When you pay for parking, some of your debit or credit card numbers appear. These partial details have been accessed. However, payments cannot be made using this incomplete information.”
The breach occurred at European level. Regarding Italy specifically, the company disclosed that “no data regarding location, vehicle registration or parking sessions was accessed in this data breach.”
EasyPark also includes the US brand ParkMobile, with 50 million users, which however remained uninvolved in the attack.
The actions taken
Even before explaining what happened, in the note EasyPark explained the measures taken after the hacker attack.
The company stopped the offensive, ensured that services continued to function normally and informed the relevant authorities. It also said that “our security team, together with external security experts, are working hard to ensure that effective security and privacy measures are in place.”
The risks
As we were saying, the extent of the hacker attack on EasyPark is not known. RingGo alone, a brand of the company operating in the United Kingdom, reported that 950 users were affected.
EasyPark said it had received no ransom demands, and that no stolen data was published on the dark web or elsewhere. However, the boom in parking apps, which relies on geolocation, exposes customers to the risk of being physically tracked.
EasyPark is currently the largest parking app in Europe. The company, owned by private equity investors Vitruvian Partners and Verdane, was divested by BMW and Daimler in 2021. Its apps (including EasyPark, ParkMobile, RingGo and Park-line), operate in more than 4,000 cities in 23 countries , between Europe, the United States, Australia, and New Zealand.
The dangers for 2024
Meanwhile, a recent Clusit report indicated some of the main risks related to hacker attacks and cybersecurity for 2024.
An increase in hacker attacks “sponsored” by a state or linked to political activism, interference in elections or major events through artificial intelligence, a decrease in phishing and an increase in scam sites are expected.
Let us remember that in June we will vote for the European elections and in November there will be the US presidential elections. As for major events, the Olympic Games will be held in Paris from 26 July to 11 August.
Leave a Reply
View Comments