According to the company, an unauthorized person had used a remote access tool to connect to the payment processing systems to install malware which searched for payment card data that was being routed through the computers that accept payments made at the parking facilities.
Parking facilities in Chicago, Cleveland, Philadelphia, Seattle, and Evanston were affected by the breach, though a majority of the locations affected were located in Chicago.
SP+ did not say what type of malware was found on the systems. Earlier this week, a new strain of point-of-sale malware targeting e-kiosks and ticket vending machines was uncovered by intelligence firm IntelCrawler. Dubbed 'd4re|dev1|', the malware is hitting mass transit systems, and acts a backdoor that gives attackers remote administration capabilities."
Link to Original Source