Both Park 'N Fly and OneStopParking.com, two competing airport parking services, announced this week that they suffered data breaches resulting in customers' payment card information being compromised.
The Park 'N Fly breach apparently occurred when cyber-criminals hacked the company's website, where customers can book a parking spot ahead of time and pay for the service online. According to security expert Brian Krebs, credit cards that have been stolen from online sources cannot then be encoded onto a new piece of plastic and used in brick-and-mortar stores. Instead, these numbers are used exclusively to make fraudulent purchases online.
"While the investigation is ongoing, it has been determined that the security of some data from certain payment cards that were used to make reservations through PNF's e-commerce website is at risk," said the company in a statement published on its website. "The data potentially at risk includes the card number, cardholder's name and billing address, card expiration date, and CVV code. Other loyalty customer data potentially at risk includes email addresses, Park 'N Fly passwords, and telephone numbers."
Since email addresses and phone numbers were also exposed, Park 'N Fly customers should be wary of phishing attacks. Criminals will sometimes send emails or place phone calls pretending to be legitimate institutions in order to solicit personal identifying information. Park 'N Fly is offering its customers a year of free credit monitoring services in response to the breach.
If you own a business, make sure your employees are operating only the most secure and sophisticated credit card processing reseller, so your customers' private information remains safe at all times. Make the upgrade today if you're using outdated software.