Parking service provider SP Plus says its equipment at Evanston’s three downtown municipal parking garages was hacked to steal credit card data from drivers.
In a statement issued today, SP Plus says that the three Evanston garages, along with 10 more in Chicago and four in other cities, were affected by the security breach.
It says its payment card vendor notified it early this month that an unauthorized person had used that company’s remote access tool to connect to computers that process payment cards in the garages and install malware on the systems to steal the card data.
The company says the security breach at the Evanston garages started on Oct. 8 and that the last at-risk dates were Oct. 26 at the Church Street Garage, Nov. 1 at the Sherman Plaza Garage and Nov. 10 at the Maple Avenue garage.
SP Plus says customers who used a card at any of those locations during the at-risk period should review account statements regularly for unauthorized activity and, if they find any, contact the bank that issued the card.
It says the malware has been disabled on the affected computer servers and that SP Plus has required its vendor to convert to the use of two-factor authentication for remote access and is working with its computer security firm to implement additional security measures.
Customers with questions can call SP Plus at 877-717-0004 Monday through Friday from 7 a.m. to 7 p.m.