Error With Car Parking App Used by Councils Causes Serious Data Breach
An issue with a car parking app used by many local councils caused users to see the personal details of other people on the app, including information about vehicle registration and names.
The app is used in 230 towns across the country by councils including Richmond, Milton Keynes, Lewisham and Westminster, and allows users to register several cars and pay for their parking using their smartphone device.
The company, RingGo, said in a statement that though users were not able to access the bank details of other motorists and could not pay using somebody else’s account, it still agreed that the error was “totally unacceptable” and was being investigated.
The data breach seemingly occurred after an update, and RingGo said that the number of people directly affected by the breach is around 600, whilst another 1,400 may also have been affected in some way.
Users quickly took to Twitter to complain about the app, with one person writing: “Replace a perfectly good app with [a] new one that’s not only harder to use, but comes with a massive data breach too.”
Another wrote on 16 April: “App still showing me another user’s phone, car and address. No call text or email from you. Problem clearly not fixed.”
A spokesperson for the company said last week: “We believe the actual number of people who have been directly impacted is around 600.
“We can assure customers that no useable payment card information was displayed – only the last four digits are shown. Some personal data could have been visible, eg. name, vehicle registration. It would not be possible to use another’s account to pay for a parking session.
“We take the security of our customers’ data extremely seriously and a full investigation into the root cause is taking place so that this issue will not happen again.”