x
Breaking News
More () »

Millions of users' data at risk after parking app security breach

Here's what to do if you think your information could have been affected.

ALEXANDRIA, Va. — A recent cyber breach may have put some basic personal information at risk for those who use the ParkMobile app.

Earlier this spring, the popular wireless parking company announced a "third-party software" vulnerability led to the breach.

The company's announcement did not include a firm number of how many accounts were affected, but cybersecurity writer Brian Krebs estimates it may have been more than 20 million nationwide.

The app is popular in high-density parking areas across the country, including here in the DC region. It allows users to skip the hassle of looking for change to feed an analog parking meter by using a mobile app and a credit to pay for parking wirelessly.

But like with all things in the digital world, that added convenience comes with some risk.

Since announcing this data breach, the company says they've fixed the problem that led to it.

ParkMobile also notes that no credit card information was ever accessed and that they do not collect social security numbers so that information was never at risk.

But the company does say basic information like user email addresses, car license plates, and phone numbers may have been impacted.

It says encrypted passwords were also accessed, "but not the encryption keys required to read them."

What can you do if you think your data may have been affected?

Will O'Neal says using different passwords for each of your accounts is key.

RELATED: MPD confidential officer files obtained in cyberattack, acting Chief Contee says

"If you're using a password that you typically repeat in a lot of places or change one character, that is very easy for the hackers to identify," he said.

O'Neal, an IT expert and owner of Mid-Atlantic Computer Solutions, says that's good advice for everyone who's using digital products.

ParkMobile agrees, in its announcement of the breach it suggested users should update their passwords "as an added precaution."

RELATED: Major US cybersecurity firm FireEye says it was hacked by foreign government

Another good idea: keeping an eye on your software. According to O'Neal, old versions can leave your device open to vulnerabilities.

The good news is there's a fix, and it's usually as easy as turning your computer off and on.

"Keep your browsers and your computers updated," he said. "I would reboot them at least once a week and make sure you restart your browser every day or so."

By doing so, most computers and browsers will automatically install any necessary updates.

O'Neal also suggests backing up your data frequently. This will make recovery easier if your information is compromised.

Multi-factor authentication is a good idea to set up for email accounts, he says.

Finally, O'Neal suggests being wary of suspicious emails. As a general rule, he says, if it looks odd, don't click on it.