Security Roundup: Parking Meter Breach, Gas Pipeline Hack & Identify Theft in Kansas
Over the last few weeks some new and impactful data breaches and security hacks have been exposed. You have likely heard about the ransomware attack that hit a gas pipeline, but may have missed others, like why Kansas often has three times the national average of identity theft, and how a parking meter app may have exposed your data.
This post covers several recent security incidents including what you should be aware of, how you might be affected and what you can do about it.
Security Roundup: Parking Meter Breach, Gas Pipeline Hack & Identity Theft in Kansas
Below are specific details about the breach of a parking meter app, a ransomware attack on the company that manages a major gas pipeline, and identity theft in Kansas which is much more prevalent than in any other state.
ParkMobile parking meter data breach
If you have ever parked in a parking lot that does not take money or credit cards, you very well may have used ParkMobile to pay for that parking spot. ParkMobile is an app-driven parking lot management system. Unfortunately for one-time users, it requires installing the app and creating an account to use. For those using parking lots managed by these systems, it can be convenient since users do not need to have cash and transactions are quick.
Either way, whether you used the app one time or a thousand times, a recent ParkMobile data breach affected up to 20 million accounts. ParkMobile reported that credit card information was not accessed, but email addresses, license plates, phone numbers, and in some cases, mailing addresses may have been exposed.
What you need to know: If you have ever used the ParkMobile app, be sure to log into the app and change your password whether you received a prompt to do so from them or not. Since it cannot be said enough, make sure you use a unique set of user id's and passwords for all accounts. Hacks like these are a perfect example of why this is so critical in protecting your data.
The takeaway: Oftentimes we cannot control when our data is breached, meaning it is not caused by something that we did. Companies that force us to create user accounts even for a single order, make this more challenging. Whenever possible, avoid creating accounts at sites you rarely use or order from. Instead, when available, use the guest checkout. This is one small way you can reduce the number of accounts you have which will reduce your risk overall.
Colonial Pipeline hit with ransomware
Colonial Pipeline, a company responsible for operating the largest gas pipeline to the East Coast and covering 5,500 miles, suffered a ransomware attack last week. As a precautionary response, Colonial Pipeline temporarily shut the pipeline down. Unfortunately, this pipeline not only delivers gas for people to use in their vehicles, but it also services many airports.
What you need to know: As a result of the pipeline being shut down, there has been a surge in gas prices on the East Coast. People buying gas to have in reserve have only helped push prices even higher. Though the pipeline delivers to the East Coast, as with all gas events, users in other parts of the country will likely see some price hikes. Luckily, Colonial expects the pipeline to be running normally by the end of the week.
The takeaway: While Colonial worked fast to find alternative ways to transport gas to lessen the impact, a pipeline like this being shut down for a week will have an impact. Unfortunately, some hoarding did occur which only exacerbates the issue. Where possible, carpool, use mass transit, drive EVs, or use other non-gas dependent transportation to help the situation, which should otherwise work itself out in a short period of time.
Identity theft in Kansas
In 2020 the state of Kansas had the highest rate of identify theft in the country - coming in at three times the national average! Last year over 43,000 residents of Kansas reported their identity was stolen or someone attempted to steal it. Imagine how many instances actually occurred since there is never a 100% reporting rate!
One thing that might be related to the high level of identity theft in Kansas has to do with residents claiming unemployment benefits. One woman who mistyped her social security number in the website run by the Kansas Department of Labor was presented with the information for the rightful owner of that SSN. Thankfully she reported the error and there is now an investigation into whether or not a data breach is connected to the spike in stolen identity attempts.
What you need to know: Identity theft is one of those data breaches where the affects can go on for years. It can be one of the worst types of attacks to suffer from as you are often forced to prove you didn't do something - like refinance your home or purchase a boat. Now that the security breach found was reported, it can be addressed and hopefully this will help reduce the number of identity theft attacks in Kansas. At the very least, securing resident information will make it harder for attackers to find the information that makes these attacks easier.
The takeaway: Again, you cannot always control where your data is leaked from. Sometimes the best you can do is stay on top of your credit score, pay attention to your credit card and bank account statements to be sure there are no fraudulent charges, and check to see what types of companies have hit your credit with an inquiry. If you see something that looks wrong, take action!
Security breaches will continue to happen and sometimes they will affect something you interacted with directly, like the ParkMobile app. Other times the threats come from indirect sources, like paying more for gas because a pipeline company was hit with Ransomware or because you collected unemployment benefits. Either way, it is important to be aware of what is out there and be proactive in protecting your information at all times.
As always, it is not always easy, but protecting your data and privacy is extremely important!