Park’N Fly data breach hits roughly a million customers

globalnews.ca:

The popular airport parking service Park’N Fly is warning Canadian customers that their personal information may have been compromised in a data breach last month.

“Approximately 1 million customer files were accessed” when “a third party accessed the Park’N Fly network through unauthorized remote VPN access,” the company said in a statement.

The leak happened between July 11 and July 13, and may have included names, email and mail addresses, and Aeroplan and CAA numbers, but did not contain financial information, according to Park’N Fly.

“We wish to reiterate that no passwords or credit card payment information is stored on our servers.”

The company sent an email notifying customers Monday of the breach, which it discovered more than three weeks earlier.

“On August 1, 2024, we determined that some of your personal information was likely affected by the incident,” reads the email.

“We have been diligently investigating this incident with the assistance of outside experts.”

The company said that its platforms were “fully restored within five days” and that it has since increased cyber security.

“While we deeply regret any concern this incident may have caused, we want to reassure our valued customers and partners that we are taking all necessary steps to safeguard their information,” said Park’N Fly chief executive officer Carlo Marrello in a statement.

The incident underscores the prevalence of data breaches and renews questions about what is being done to prevent them — and if they do happen, whether Canadians are being informed quickly enough.

Last month, Canada’s privacy commissioner launched an investigation into Ticketmaster after a massive data breach exposed the personal information of more than a half billion