Park ‘N Fly breached
Late last year, KrebsOnSecurity wrote that two huge swaths of credit card numbers put up for sale in the cybercrime underground had likely been stolen from Atlanta-based Park ‘N Fly and from OneStopParking.com, competing airport parking services that lets customers reserve spots in advance of travel via Internet reservation systems. This week, both companies confirmed that they had indeed suffered a breach.
In a statement released, the company acknowledged that its site was hacked and leaking credit card data, but stopped short of saying how long the breach persisted or how many customers may have been affected.
The statement reads: “Park ‘N Fly has become aware of a security compromise involving payment card data processed through its e-commerce website. Park ‘N Fly has been working continuously to understand the nature and scope of the incident, and has engaged third-party data forensics experts to assist with its investigation. The data compromise has been contained. While the investigation is ongoing, it has been determined that the security of some data from certain payment cards that were used to make reservations through Park ‘N Fly e-commerce website is at risk. The data potentially at risk includes the card number, cardholder’s name and billing address, card expiration date, and CVV code. Other loyalty customer data potentially at risk includes e-mail addresses, Park ‘N Fly passwords and telephone numbers.”