It looks like a backdoor link is granting access to thousands of private records revealing names, addresses, penalty charges, infringement locations with the date of the violation, and photographs of motorists.
According to Sky News, they were able to penetrate the PaymyPCN website, which has worked with both private and public sector parking operators for over 20 years in the UK, by accessing the site via a backdoor link. The site is known to have direct ties with the Driver and Vehicle Licensing Agency (DVLA) and thus contains thousands of records of offending motorists.
Naturally, this type of public access causes great concern. While the DVLA has stated client data privacy is priority, they also stated that this is not an issue associated with them directly. PaymyPCN has been made aware of the security hole, but declined to comment.
For the moment it looks like as though the PaymyPCN website is up and running. Whether the security hole has been plugged is unknown. With increasing number of security breaches, it is still impressive to see sites that hold crucial data being compromised with the most basic maneuvers. Hopefully, this example will cause other companies to evaluate their websites security to ensure the safety of their clients.
Source: Sky News | Image via Sky News