Mike Lennon reports additional details on a breach noted previously on this blog:
SP+, a company that provides parking, maintenance and security services to property owners, said on Friday that an unauthorized attacker gained access to its payment processing systems and was able to access customer names and payment card information.
The company said that on November 3, 2014 it received a security notice from a third party vendor that provides payment card systems for some of its parking facilities. The noticed warned that an unauthorized person had used a remote access tool to connect to the payment processing systems at some of those facilities and that customer data was at risk.
Through its Standard Parking and Central Parking brands, the company operates roughly 4,200 parking facilities in hundreds of cities across North America, and has approximately 23,000 employees.
“The unauthorized person used the remote access tool to install malware that searched for payment card data that was being routed through the computers that accept payments made at the parking facilities,” SP+ noted in a breach disclosure.
Read more on Security Week.
Thanks to Joe Cadillic for this link.