HUNTINGTON – The company the Huntington Municipal Parking Board uses to collect mobile parking payments has released information about a recent cybersecurity breach.
ParkMobile informed users of a cybersecurity breach it became aware of in March. Last week the company published the findings of its investigation conducted with a cybersecurity company following the incident. Users received an email about the incident over the weekend.
“We quickly eliminated the third-party vulnerability, and we continue to maintain our security and monitor our systems,” ParkMobile said in the updated advisory on its website. “As a precaution, we have also informed the law enforcement authorities.”
No credit card information was viewed, nor any data on a user’s parking transaction history, according to the notice.
Basic user information such as license plate numbers, email addresses, and phone numbers have been viewed. Encrypted passwords, but not the encryption keys needed to read passwords, were also viewed, the advisory says. ParkMobile encrypts user passwords with advanced hashing and salting technology to protect them.
ParkMobile does not collect social security numbers, driver’s license numbers or dates of birth, according to the notice.
Mike Wilson, executive director of the Huntington City Parking Council, said ParkMobile has been in contact with the council. He said the company briefed the board of directors on the initial incident in March and again on the findings of the investigation.
“It looks like they’re doing a good job of containing this,” Wilson said.
He said there had been no previous issues like this and the breach would not affect the board of directors and the company’s current relationship.
ParkMobile and the parking board entered into a partnership in 2017. Huntington residents and visitors can use the app on a mobile device to pay for on-the-go parking at meters or parking lots.
McKenna Horsley is a reporter for The Herald-Dispatch. Follow her on Twitter @mckennahorsley.