A popular airport parking service is warning approximately one million Canadian customers that their personal information may have been compromised in a widespread data breach last month.
In a statement to CTV News Toronto on Monday, Park’N Fly confirmed that a third-party had breached its networks through an unauthorized remote VPN sometime between July 11 and 13. The company’s platforms were fully restored within five days of the incident, it said.
The leaked information included the names, email and mailing addresses, and Aeroplan and CAA numbers of approximately one million customers, the statement said. Customers’ credit card and payment information, along with passwords, were not stored on the compromised server and were therefore not impacted, it said.
On Monday, more than three weeks after discovering the breach, Park’N Fly notified customers that their information had been compromised.
“On August 1, 2024, we determined that some of your personal information was likely affected by the incident,” the email reads. “We have been diligently investigating this incident with the assistance of outside experts.”
Chief Executive Officer Carlo Marrello said Monday that the company is “committed to transparency” and is prioritizing the integrity of its systems going forward.
“At Park’N Fly, the trust and security of our customers are paramount,” Marrello said in the statement. “While we deeply regret any concern this incident may have caused, we want to reassure our valued customers and partners that we are taking all necessary steps to safeguard their information.
Park’N Fly says it had increased its security surveillance since learning of the breach, including updating the network’s anti-virus software.