Re: Ah Dave again.
"Book2park CEO Anna Infante said it recently had security experts remove a malicious file."
Let's remember that this is a parking company, whose business model is employing minimum wage oiks to wander round car parks doing nothing, other than sticking the occasional penalty notice on some criminal who's overstayed. And the private equity firms and infrastructure investors who buy parking companies, they don't give a sh*t about customers either - it's just a business model that amounts to legalised extortion due to limited opportunities for new entrants.
This isn't a business model that commands respect, or that employs many white collar professionals, and I'd guess that the IT department is one man and his dog (and no matter how skilled and committed he might want to be, he's not going to get the resource to do a proper job).
The ideal solution is to use cash when you park, so that the cretinous companies who run car parks don't have your card details in the first place, but that's a problem with airport parking, where you have to book in advance. And that's why the crims targeted these specific companies, because airport parking customers have to use their cards, which makes the data breach even more damning.