1 million customer files accessed in massive Park’N Fly data breach

Park’N Fly offers travellers convenient, worry-free airport parking. But now, a massive data breach is causing customers to be concerned.

On August 23, Park’N Fly announced a data breach in which around 1 million customer files were accessed. The parking platform’s customers received emails about the breach.

The company, which provides 24/7 parking and shuttle service at airports across Canada, emphasized that customers’ financial information wasn’t part of the breach. However, the third party did have access to customers’ contact information, such as their email and address, as well as their Aeroplan and CAA number.

According to Park’N Fly, an unauthorized third party accessed the company’s network through a remote VPN between July 11 and July 13, 2024.

The Bold Bureau/Shutterstock

“On August 1, 2024, we determined that some of your personal information was likely affected by the incident,” states an email. “We have not seen any additional unauthorized activity since we began our investigation.

Park’N Fly said they’re investigating the incident with help from outside experts. Customers are also urged to “remain vigilant” of phishing attempts, such as emails from unknown senders.

“At Park’N Fly, the trust and security of our customers are paramount,” said Carlo Marrello, CEO at Park’N Fly Canada. “While we deeply regret any concern this incident may have caused, we want to reassure our valued customers and partners that we are taking all necessary steps to safeguard their information.”

But that provides little assurance for customers like Marie.

@ParkNFlyCA/X

The BC-based customer said she noticed an uptick in spam emails and was worried when she received the email from Park’N Fly. She has an upcoming vacation and is concerned that hackers might also have her license plate information.

“I’m concerned that now if I use their lot for my vacation, the hackers may have my booking date,” she emailed Daily Hive. “That means if they see my car in that time frame, they’ll know I’m away, and they have my address to go break in, knowing full well they won’t be caught.”

Marie said she signed up with Park’N Fly after getting a good deal through her job.

“But now I feel like I get what I pay for,” she said. “So unless they can prove my address, booking dates, and licence plate weren’t obtained, I’ll have to book elsewhere or get a ride to the airport.”

Daily Hive has contacted Park’N Fly to ask if customers’ licence plate details were also involved in the data security incident.

Have you been affected by Park’N Fly’s data breach? Let us know in the comments, or reach out to [email protected].

Source