The Calgary Parking Authority confirmed Wednesday it is dealing with a security concern after information on one of its servers was externally accessible for about two and a half months.
The company said it became aware of the problem on Tuesday.
A misconfiguration on May 13 “resulted in the server being publicly accessible,” CPA said. Unauthorized access was limited to 12 customers and included names, email addresses and encrypted passwords, according to CPA.
“As soon as the CPA became aware of this issue, a security investigation was immediately conducted,” said Alex Paredes, manager of IT and technical services at CPA, via email on Wednesday.
“Upon confirmation of the security incident, the CPA’s security team implemented additional security measures to restrict unauthorized access to the data.”
Paredes said the parking authority takes cybersecurity seriously.
“Protecting access to our systems and the privacy of our customers is a top priority,” Paredes said.
“We have notified customers who may have been impacted. This issue has been corrected, and the data has been secured.”