Posts Tagged: breach

Jan 15

Park ‘N Fly, OneStopParking Confirm Breaches

Late last year, KrebsOnSecurity wrote that two huge swaths of credit card numbers put up for sale in the cybercrime underground had likely been stolen from Park ‘N Fly and from, competing airport parking services that lets customers reserve spots in advance of travel via Internet reservation systems. This week, both companies confirmed that they had indeed suffered a breach.

park-n-flyWhen contacted by this author on Dec. 15, Atlanta-based Park ‘N Fly said while it had recently engaged multiple security firms to investigate breach claims, it had not found any proof of an intrusion. In a statement released Tuesday, however, the company acknowledged that its site was hacked and leaking credit card data, but stopped short of saying how long the breach persisted or how many customers may have been affected. A portion of their statement reads:

“Park ‘N Fly (“PNF”) has become aware of a security compromise involving payment card data processed through its e-commerce website. PNF has been working continuously to understand the nature and scope of the incident, and has engaged third-party data forensics experts to assist with its investigation. The data compromise has been contained. While the investigation is ongoing, it has been determined that the security of some data from certain payment cards that were used to make reservations through PNF’s e-commerce website is at risk. The data potentially at risk includes the card number, cardholder’s name and billing address, card expiration date, and CVV code. Other loyalty customer data potentially at risk includes email addresses, Park ‘N Fly passwords, and telephone numbers.”

The Park ‘N Fly homepage now includes a conspicuous notice stating that the Web site is temporarily unable to process transactions and directs customers to a 1-800 for reservations.

Reading the Park ‘N Fly disclosure made me wonder if anything had changed over at, a Florence, Ky.-based competitor that KrebsOnSecurity reported Dec. 30, 2014 as the likely source of another e-commerce breach. Reached via phone this morning, the site’s manager Amer Ghanem said the company recently determined that hackers had broken in to its systems via a vulnerability in Joomla for which patches were made available in Sept. 2014. Unfortunately for and its customers, the company put off applying that Joomla update because it broke portions of the site. Continue reading →

Dec 14

Target Hackers Hit

Parking services have taken a beating this year at the hands of hackers bent on stealing credit and debit card data. This week’s victim — — comes compliments of the same organized crime gang thought to be responsible for stealing tens of millions of card numbers from shoppers at Target and Home Depot.

onestopparkingLate last week, the cybercrime shop best known for being the first to sell cards stolen in the Target and Home Depot breach moved a new batch of cards taken from an unknown online merchant. Several banks contacted by KrebsOnSecurity acquired cards from this batch, and determined that all had one thing in common: They’d all been used at, a Florence, Ky. based company that provides low-cost parking services at airport hotels and seaports throughout the United States.

Contacted about the suspicious activity that banks have traced back to, Amer Ghanem, the site’s manager, said the company began receiving complaints from customers about a week before Christmas.

“It’s been something we have been dealing with for the past week, where some of our customers have called in and complained about fraudulent charges,” Ghanem said. He noted that the complaints stopped after the company performed several security scans and upgraded software for the Web site, but the investigation continues.

“We have been unable to identify any specific issues that has caused any credit card breach on our website,” Ghanem said in a written statement. “However, being a part of the e-commerce industry and staying up to date with the security news, we are aware of security threats that are always around, especially during the holiday season, when people tend to shop and travel more.  We currently have 2 different services that are always monitoring traffic on our website, 24/7 to ensure the safety of our customers.”

Cards from the "Solidus" base at Rescator map back to One Stop Parking.

Cards from the “Solidus” base at Rescator map back to One Stop Parking.

This was the second time in as many weeks that this cybercrime shop —Rescator[dot]cm — has put up for sale a batch of credit cards stolen from an online parking service: On Dec. 16, KrebsOnSecurity reported that the same shop was selling cards stolen from Park-n-Fly, a competing airport parking reservation service.  Sometime over the past few days, Park-n-Fly announced it was suspending its online service. Continue reading →