EasyPark Data Breach

Published: December 14, at 21:00 CET
Updated: January 18, at 10:00 CET

Update on EasyPark data breach
We had a data breach on December 10. Our analysis confirms that hashed versions of user passwords were also part of the data breach. We are contacting affected customers because we care and want to be transparent.

What is password hashing?
Password hashing means converting a password through an algorithm to turn it into an unintelligible series of characters. This is to protect the confidentiality of the password and also protect it against any unauthorized use.

What have we done?
We reset the passwords for all affected customers on December 10 upon discovering the data breach and as a part of our standard incident response.

What actions should affected customers take
Although the passwords were hashed and reset, we encourage affected customers to change their password on any other platform where they have used the same password. Another way of keeping passwords secure and unique is through a password manager. We are committed to doing everything to earn our customers’ trust back by protecting their data and are sorry for the inconvenience this issue may cause to our customers.

This is what happened

On December 10, 2023, we discovered we were the victim of a cyber attack. The attack resulted in a breach of non-sensitive customer data. We deeply care about our customers and want to make sure you are fully informed about this incident. Here is what we have done.

Check out the FAQ’s below or go to our support page if you have any questions.

1. We took actions to protect you.

• We took swift measures to stop the cyber attack.

• We made sure our services continued to operate as usual.

• We notified the appropriate authorities.

• We reset the passwords for all affected customers on December 10 upon discovering the data breach and as a part of our standard incident response.

• Our security team, including external security experts, is working hard to ensure effective security and privacy measures are in place.
  
  

2. We are making you aware.

• Some of you were affected by the data breach. We are reaching out to all affected customers.

• If you were affected, some contact information you may have provided to us (such as name, phone number, physical address, and/or email address) were accessed.

• A few digits of your IBAN or credit card number are, if applicable, part of your information and -if you were affected by this data breach- this partial data has been accessed. However, one cannot make payments with this incomplete data.

• No combination of this stolen data can be used to perform payments.

• As always, you should be mindful of phishing attempts, which are unfortunately common.

3. We are sorry.

At EasyPark Group, we take protecting your privacy seriously and strive to deliver the best possible experience for you. Experiencing a data breach naturally creates concerns for all of us.

We are deeply sorry this happened and will continue to work hard every day to earn your trust.

Sandesh Bhat
Chief Technology Officer
EasyPark Group

Miles Hutchinson
Chief Information Security Officer
EasyPark Group

If you have further questions, please contact our Customer Care.

Also, see our Privacy Policy to learn more about privacy at EasyPark Group.