Ames parking ticket data breach could have compromised 4,600 motorists payment information


Need a place to park but don’t have a permit? Parking meters are located in various lots around campus. These meters can be used at any time, but be sure to check the signs- many meters have time limits. 

Devyn Leeson

A data breach could affect 4,600 people who paid for city-issued parking tickets through the City of Ames online payment system.

Motorists who paid their tickets through the system over the time period of Aug. 10 to Nov. 19 may have been affected by the breach, according to a press release from the City of Ames. The city will be sending mail and email notifications to those potentially affected by the breach.

“The breach may have included the following data: first name, last name, mailing address, email address, and debit/credit card number,” according to the press release.

This data was not compromised for other City of Ames payments as the parking ticket payments were the only payments compromised by the breach.

The city was made aware of a potential data breach on Nov. 18 and immediately reported it to the third party vendor, Click2Gov, who processes the city’s parking ticket payments. Within the time immediately following the reports, the parking ticket payment link on the City of Ames website was taken down and then restored by Nov. 20.

A copy of the web server was given to a “private forensic data analyst for detailed assessment,” and the server was then replaced, according to the press release.

“We are very sorry this happened to our customers,” Ames Finance Director Duane Pitcher said in the press release. “The City of Ames is extremely concerned by this incident, but we’re confident we’ve addressed the vulnerability and corrected it. We know cyber attacks can occur any time, and we remain vigilant about keeping information shared with the City safe. We expect the same from vendors linked to our website.”

The city recommends customers monitor their credit card statements and other banking information any time they make electronic payments to ensure their information is secure.