SP+, formerly known as Standard Parking Corp., which provides parking, maintenance and security services, says an intruder who breached its payment processing systems accessed customer data, Security Week reports.
The company learned of the compromise from its payment card system provider. The provider explained an unauthorized person had used a remote access tool to break into the payment systems at some parking facilities.
SP+ has asked the provider to identify the account numbers of cards used while the system was attacked, in order to alert the banks that issued the cards.
“The unauthorized person used the remote access tool to install malware that searched for payment card data that was being routed through the computers that accept payments made at the parking facilities,” SP+ noted in a breach disclosure. “The information from payment cards that may have been captured by the malware is the cardholder’s name, card number, expiration date, and verification code.”