Exploit: Misconfiguration
Calgary Parking Authority: Municipal Entity
Risk to Business: 1.705 = Severe
Calgary Parking Authority recently experienced a breach that exposed the personal information of vehicle owners. A misconfigured server containing computer-readable technical logs, payments, parking tickets, driver personal data and more was discovered in the wild by researchers. Reports say that the server, used to monitor the authority’s parking system for bugs and errors, was left on the internet without a password in a security blunder.
Individual Risk: 1.622 = Severe
Data exposed includes drivers’ full names, dates of birth, phone numbers, email addresses, and postal addresses, as well as details of parking tickets and parking offenses, including license plates and vehicle descriptions, and in some cases the location data of where the alleged parking offense took place. The logs also contained some partial card payment numbers and expiry dates.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business It’s hard enough to stay ahead of hackers without giving them an easy payday by making sloppy mistakes. Building a strong security culture is vital for keeping systems and data safe.
Source: Calgary Herald