It has been reported that over 5,000 people have been affected by the data breach at Cork City’s Park by Phone service, it emerged last night. The council stated that no personal bank account or credit/debit card details were accessed, no account balances were altered and no passwords were compromised, however it warned users of the service that it was possible that other personal data such as car registrations, mobile numbers and email addresses may have been accessed.
Ryan Wilk, Vice President at NuData Security:
“Fortunately, this Park by Phone breach doesn’t include credit card information. However, we all know bad actors are very talented at preparing fraud schemes with the kind of user information that was leaked. From phishing scams and dictionary attacks – where fraudsters try certain common passwords based on the user’s information – to synthetic identities; as little as an email address can go a long way in the hands of a bad actor.
Continued reliance on static information to authenticate a user will continue to expose companies breaches. This is why many customer-facing organisations that transact online are adopting multi-layered technology solutions that incorporate passive biometrics and behavioural analytics technology. This technology helps make stolen data valueless by verifying users based on their inherent behaviour instead of relying on their data.”