Hackers accessed some of the personal information of people using mobile parking apps designed for Philadelphia, some suburbs and other cities around the country.
ParkMobile, the company that powers meterUp and more than a dozen other parking apps, said the hack happened in March and involved a “vulnerability in a third-party software” that the company uses. Though ParkMobile said no credit card information was accessed, other personal information – including encrypted passwords – was.
Whoever was behind the hack accessed the passwords, but not the encryption keys needed to read them, ParkMobile said, adding that it encrypts user passwords with “advanced hashing and salting technologies.” People can change their password through the “settings” section of the app or by using this link.
Other data accessed by the hacker or hackers included license plate numbers, email addresses, phone numbers and vehicle nicknames, if provided by users. Mailing addresses were also affected “in a small percentage of cases,” the company said.
Get top local stories in Philly delivered to you every morning. >Sign up for NBC Philadelphia's News Headlines newsletter.
People’s parking transaction history was not accessed, ParkMobile said.
The company added that it “eliminated” the third-party vulnerability and has notified law enforcement.
ParkMobile powers its own app, as well as Go Mobile PGH, Park Columbus, meterUp, MPLS Parking, Park Houston, ParkLouie, MKE Park, FW Park, Park It Charlotte, ParkNYC, 717 Parking, Park 915, and Premier Parking.