Security breach targeted credit card data at 13 area parking garages

SHARE Security breach targeted credit card data at 13 area parking garages
SHARE Security breach targeted credit card data at 13 area parking garages

A Chicago-based provider of parking facilities says someone used malware to capture credit card data at 13 different parking facilities in downtown Chicago and Evanston.

SP+, formerly known as Standard Parking, disclosed the breach Friday in a statement to customers posted on its website.

Someone uploaded malware to payment systems used in 17 of its parking garages and may have captured cardholders’ names, card numbers, expiration dates and verification codes, the statement said.

Nine of the affected facilities are in downtown Chicago, the West Loop or Near North Side, including ones at the John Hancock building, the Aon Center and Aqua, the statement said.

A parking facility at the Cumberland CTA stop on the Northwest Side was also affected, as were three garages in north suburban Evanston, the statement said. Four other garages in Cleveland, Philadelphia and Seattle were also targeted.

The person responsible apparently used a vendor’s remote access tool to get into computers that process payment cards in some facilities, the statement said. SP+ learned about the security breach Nov. 3 from the vendor, which provides and maintains the payment card systems.

Customers who used their cards at the locations on specific dates between late September and early November could be at risk, and should review their accounts for any suspicious activity, the company said.

SP+ is working with credit card companies to provide them with account numbers that could be affected, but does not have enough information to mail notices to cardholders, the statement said.

The malware has since been disabled, and SP+ is requiring the vendor to require two-factor authentication for remote access, among other security measures.

The parking facilities that might have been affected were in Chicago were 55 East Monroe; AON Center; John Hancok garage; 1460 Halsted (Black Hawk); 10 East Ontario; Cumberland CTA; 500 West Monroe; Aqua; Presidential Towers and 120 North LaSalle. In Evanston, the facilities were Church Garage, Maple Garage and Sherman Garage.

Customers can visit the company’s website for a full list of affected parking facilities and the dates they were affected, or call 1-877-717-0004.

The Latest
The Sox’ Yasmani Grandal and Anderson and the Yankees’ Donaldson were at the center of the dustup. There were no punches or ejections.
Favorite Epicenter made a hard charge up the rail to finish second. But Jose Ortiz guided Early Voting inside before the finish line well ahead of Epicenter, who was also second in the Kentucky Derby.
Gomez was a few days shy of 27 when a 14-year-old attacked him at the Cicero Green Line station, authorities said. His family described him as fiercely protective, fighting for custody of his son and planning on becoming a police officer.
The Cubs catcher quickly moved past his latest ejection — his third since last July 24 — and touched upon losing and an uncertain future. “I’m really good where I’m at right now.”
A man was wounded by a security guard during a shootout at Millennium Park.