The Atlanta-based airport parking lot operator Park 'N Fly apparently has suffered a credit and debit card breach, according to security blogger Brian Krebs.

Krebs is the reporter who broke news of the Target breach a year ago.

Park 'N Fly operates in dozens of markets nationwide near most major airports.  Some lots are wholly owned and others are owned by affiliates, operating under the names WallyPark and Thrifty Parking.

In response to an inquiry from Krebs, Park 'N Fly did not confirm that a breach occurred.

"We have been unable to find any specific issues related to the cards or transactions reported to us and by the financial institutions," wrote Michael Robinson, Park 'N Fly's senior director of information technology," in a statement emailed to Krebs.

He added, "While this kind of incident is rare for us based on our thousands of daily transactions, we do take every instance very seriously. Like any reputable company involved in e-commerce today we recognize that we must be constantly vigilant and research every claim to root out any vulnerabilities or potential gaps."

The Park 'N Fly statement continued, "While we believe that our systems are very secure, including SLL encryption, we have recently engaged multiple outside security firms to identify and resolve any possible gaps in our systems and as always will take any action indicated."

Krebs, citing fraud incidence reports provided to him by several banks, claimed the evidence of some kind of breach is strong.

"Both banks saw fraud on a significant number of customer cards that previously  — and quite recently — had been used online to make reservations at a number of more than 50 Park 'N Fly locations nationwide," Krebs wrote.

Nationwide, some parking facilities been under what some have described as a hacker siege. 

Randal Cox, chief data scientist at the Chicago-based fraud detection company Rippleshot, told CU Times that his company is presently tracking 75 potential breaches at parking lot operations.

"It's bad. Not as bad as gas station skimming but there is a lot of credit card data theft at parking lots nationally," Cox said.

He neither confirmed nor denied that Rippleshot had identified breaches at Park 'N Fly.

In early November, large parking lot operator SP+ reported that it had been notified of breaches involving 17 of its locations, many in and around Chicago as well as in Philadelphia and Seattle.

In early December, the St. Louis Parking Co. issued a press release acknowledging theft of credit and debit card data of users of its Union Station parking facility. The company did not offer details regarding the nature of the breach.

"We believe several more parking lot breaches will be made public in the next few weeks," Cox said.

In many cases, theft of card data at parking facilities involves installation of skimmers on card terminals that typically are unmonitored, according to Cox.

If Park 'N Fly was breached, it is not known how the breach occurred.

NOT FOR REPRINT

© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.