Calgary’s parking authority exposed drivers’ personal data and tickets

Zack Whittaker reports:

If you parked your car in one of the thousands of parking spots across Calgary, there’s a good chance you paid the Calgary Parking Authority for the privilege. But soon you might be hearing from the authority after a recent security lapse exposed the personal information of vehicle owners.

The exposed server was found by  Anurag Sen.  You can read more details about the leak on TechCrunch.

An undated statement on CPA’s web site says:

We have addressed a security concern where information from one of the CPA’s servers was temporarily accessible externally. After a thorough security investigation, the CPA confirmed that the unauthorized access was limited to 12 customers and included only name, email address and encrypted password.

We sincerely apologize that this occurred. We take cyber security very seriously. Protecting access to our systems and the privacy of our customers is a top priority. We have notified the customers who may have been impacted. This issue has been corrected and the data has been secured. We have conducted a thorough investigation and have implemented additional measures to prevent future recurrence.

Please contact us if you have any questions at 403-537-7000 or [email protected]

That undated statement does not match up with what TechCrunch found and it would seem too soon for them to claim that they had conducted a thorough investigation and notified everyone. The statement is most likely from an earlier incident, but  DataBreaches.net sent email inquiries to CPA last night to confirm whether this was an older statement or not.   This post will be updated if a reply is received.

About the author: Dissent

Comments are closed.