The San Francisco Municipal Transportation Agency (SFMTA) had a chaotic couple of days at the end of September when a man named Riley Walz “reverse engineered the San Francisco parking ticket system.” On September 23rd, Riley shared a post on X announcing a new website he built that could help people “avoid the parking cops” in real time. Unsurprisingly, the post went viral — it’s been viewed over 13.3 million times — because, let’s face it, no one likes getting a parking ticket. 

​

As of now, Riley’s site is still live, but some of its functionality has been disabled. In its brief heyday, the website allowed users to view the make, model, and location of ticketed vehicles, along with the reason each ticket was issued. With that information, you could track the routes officers were taking, see their initials, and even access a leaderboard showing which officer had issued the most tickets and the total value of those citations.  

The new site left the SFMTA in a frenzy as they worked quickly to shut it down, citing safety concerns for both enforcement officers and the individuals receiving tickets. Though the site may have been built without malicious intentions, it raised a few red flags for the parking industry as a whole: 

​

• Are we prepared for a real cyberattack?  

• Is our industry doing enough to safeguard customer data — and communicate that commitment effectively? 

​

If you’re unsure of how your organization would answer either of those questions, now’s a great time to start asking them. While this kind of public data exposure may be new territory for parking, we will not be immune to these kinds of threats. We’re quickly becoming a tech-driven industry. Think of it like a snowball gaining speed down a mountain — we’re not slowing down, and every company needs to have a solid cybersecurity plan in place. 

​

Cybersecurity isn’t just an IT issue; it’s an operational one. As our systems grow more connected and data-driven, the risks grow too. What happened in San Francisco might seem like a one-off story, but it's a wake-up call for everyone in the parking industry. Now’s the time to review your protocols, talk to your teams, and make sure your technology — and your customers — are protected.  

​

We recently discussed this topic on our podcast with Mike Lawter. If you haven’t listened yet, go check it out for a more in-depth discussion. [Our Parking industry Podcast Episode 15] 

​

Resources: 

• https://x.com/rtwlz/status/1970536901733130741 

• https://www.sfgate.com/local/article/san-francisco-parking-ticket-tracker-viral-pulled-21065833.php