Park’N Fly, a well-known Canadian airport parking service, has announced a substantial data breach that has affected approximately 1 million customers. The breach, which occurred between July 11 and July 13, 2024, was the result of unauthorized access through a remote VPN connection. The compromised data includes names, email addresses, mailing addresses, and Aeroplan and CAA numbers. Fortunately, the breach did not involve financial information or passwords, according to the company’s official statement.
The breach was first detected on August 1, 2024, and Park’N Fly acted swiftly to address the situation. The company managed to restore its platforms within five days and has since taken significant steps to bolster its cybersecurity. This includes working with external cybersecurity experts to investigate the incident, updating antivirus software, and implementing enhanced security measures across its network. Park’N Fly’s chief executive officer, Carlo Marrello, expressed regret over the incident and reassured customers that the company is committed to protecting their data and maintaining transparency.
Following the breach, customers have raised concerns about the potential impact on their personal and professional lives. Don Wright, a customer who received notification of the breach, shared his anxiety about the possibility of fraudulent activity and its potential effects on his business operations. While the breach did not compromise credit card information, Park’N Fly has advised all affected customers to remain vigilant against phishing attempts and suspicious communications that could exploit the exposed data.
Park’N Fly’s privacy policy stipulates that personal information is retained only as long as necessary for its intended purposes or as required by law, with a default retention period of seven years. The company is emphasizing its commitment to transparency and continuous improvement in data security. As Park’N Fly navigates the aftermath of the breach, it remains dedicated to safeguarding customer information and preventing future incidents.
Reference:
