Update: HUB/Datapark Data Security Incident
In late October 2014, HUB learned that a limited set of its Datapark customers’ servers had been subject to unauthorized access, and notified affected customers. A particular user account that Datapark utilized to remotely access and service those servers was compromised and then apparently used to infect them with malicious software, known as the “Backoff Point-of-Sale Malware.”
Similar to that seen in other payment card-related data breaches, this malware can be used to collect card numbers while they are being processed and then send them to a remote location. As soon as HUB became aware of it, “we immediately took steps to neutralize the situation and prevent further unauthorized access.”
Since October, HUB has worked closely with affected Datapark customers, their technical teams, and some independent computer forensic investigators to ensure elimination of the malware. The company also said it is cooperating with the payment card companies and law enforcement.
The company’s press release also said, “The remote access issues have been remedied, the security compromise has been resolved, and we have further updated and implemented security processes and procedures to provide our customers with the secure, reliable method of handling payment card transactions for their parking patrons that they expect and deserve.”
HUB USA’s General Manager and CEO Robert Kempton said, “Protecting the privacy of our customers’ information is very important to us, and we regret any inconvenience that this incident may have caused.”
For more information, contact the company at firstname.lastname@example.org.
HUB Parking Technology is the FAAC Group Business Unit that develops, manufactures, installs and provides after-sales services for parking access and revenue control systems branded FAAC, Zeag and Datapark.
[Source: HUB Parking Technology]