Minneapolis parking app experienced data breach in March

No credit card information was accessed in the breach.
Author:
Updated:
Original:

An app that can be used to pay for parking meters in Minneapolis experienced a data breach in March, MPLS Parking app said in an email to users Wednesday.

"In March, ParkMobile, the developer of the MPLS Parking app, became aware of a cybersecurity incident linked to a vulnerability in a third-party software which we use," MPLS Parking said. 

MPLS Parking "immediately launched" an investigation with a "leading cybersecurity firm" to address the incident and eliminated the third-party vulnerability. 

The email was used to update users on the investigation's findings, with MPLS Parking saying no credit card information and no data related to a user's parking transaction history was accessed. 

MPLS Parking says only "basic user information" was access in the breach, including license plate numbers, email addresses, phone numbers and vehicle nicknames (if provided by the user). A "small percentage of users" also had their mailing addresses affected. 

Encrypted passwords were accessed but not the keys required to read said passwords, with MPLS Parking noting it does not collect Social Security numbers, driver's license numbers, or dates of birth. 

Users can change their passwords in the settings section of the app or online here, with the email recommending that people use a unique password for every different online account. 

"We continue to maintain our security and monitor our systems," the email said, noting they've notified the proper law enforcement authorities. "As the largest parking app in the U.S., the trust of our users is our top priority. Please rest assured we take seriously our responsibility to safeguard the security of our users’ information."

In a statement to Bring Me The News, the City of Minneapolis said: 

"ParkMobile is contracted with the City to provide an MPLS Parking branded version of their mobile payment app to customers for making parking meter payments. There was no breach of any City networks or the data the City receives for payments. The profile information that was exposed in the breach was contained within ParkMobile systems that are not integrated with any City systems. The City is coordinating with ParkMobile to ensure proper legal notifications are made to affected users of the app."

There have been about 430,000 total downloads of the MPLS Parking app but the city typically sees about 100,000 unique users in an average month, city spokesperson Sarah McKenzie told BMTN. 

The breach was not specific to the MPLS Parking app, but impacted all ParkMobile app accounts including the one Minneapolis uses. 

Sign up: Subscribe to our BREAKING NEWS newsletters

Next Up

Kenta Maeda

Twins pull Maeda early, White Sox pummel bullpen

Jose Abreu's two-run homer gave the White Sox a 9-3 victory.

boys volleyball

Girls wrestling sanctioned as MSHSL activity; boys volleyball 2 votes shy

There will be section and state tournaments for girls-only wrestling next school year.

P.J. Fleck

Gopher players defend PJ Fleck after WCCO-TV report

"The public has made our statement," a U of M spokesperson said.

vaccine, covid

Twin Cities police investigating COVID vaccine thefts in viral videos

Videos of both incidents were recorded and shared online.

Guthrie theater

Guthrie to reopen to the public in July, shows resume this fall

The theater has been closed to the public for more than a year.

Target - good and gather plant based

Target is launching more than 30 new plant-based grocery products

All are part of the company's hit Good & Gather brand.

Roller Garden

Roller Garden to auction off skates, signs, arcade games and more

Many items from the beloved Roller Garden will be up for auction next month.

joseph ness booking photo

Charges: Chanhassen man fired hundreds of rounds, killing his sister

Six rifles, including AR-15 and AK-47 variants, were found inside the home.

police lights

Woman robbed and assaulted at gunpoint in Waite Park, police say

The incident occurred on Sunday at around 11:30 p.m.

pixabay - marijuana cannabis

Marijuana legalization: Minnesota House to vote Thursday

The "historic" vote on the House floor is set for Thursday afternoon.

Related

Dunn brothers

Data breach impacts card users at Dunn Bros., Sebastian Joe's

A Minnesota company that provides point-of-sale services has confirmed a breach.

The Uber data breach: What you need to know

Personal information of 57 million Uber users was accessed.

Payment information accessed in Delta data breach

Delta says a 3rd party company was breached in the fall.

Data breach at DoorDash compromises nearly 5 million accounts

The food delivery service says some users should reset their passwords.

Children's Minnesota - Minneapolis campus

Thousands of MN hospital patients' information possibly exposed in data breach

One of Children's Minnesota's vendors experienced a ransomware attack in July.