Careem has reported a massive security breach in which names, email addresses, phone numbers and trip history data of customers and captains was stolen.
A hacker group managed to get access to its servers on 14th January, 2018. The company detailed the incident in a blog post earlier today.
The company was quick to mention that no misuse or fraudulent use was reported due to the data breach but didn’t state the number or percentage of its customers and captains that were affected.
A report by The National, however, claims that up to 14 million people were affected by the data breach.
The personal data of up to 14 million people in the Middle East, North Africa, Pakistan and Turkey has been stolen by online criminals in a cyber-attack on the systems of Dubai ride sharing platform Careem.
Dear Customers, we have identified a cyber incident that took place in January 2018 involving unauthorized access to the system we use to store data. Our wider security protocol keep passwords encrypted and credit card details on a separate system. pic.twitter.com/rkcpf671ct
— Careem (@careem) April 23, 2018
Information for Users
The hackers breached into the company’s systems and stole data including customers’ and captains’ phone numbers, addresses, emails, usernames and trip data.
For customers who had associated their credit card data with their accounts, Careem said that there was “no evidence that your password or credit card number had been compromised”.
It is advised that users review their emails, banks accounts, and credit card info and update their passwords just to be on the safe side.
How Careem Has Dealt With the Issue
Careem’s blog reads,
Careem has identified a cyber incident involving unauthorised access to the system we use to store data. While we have seen no evidence of fraud or misuse related to this incident, it is our responsibility to be open and honest with you, and to reaffirm our commitment to protecting your privacy and data.
For now, Careem has reassured that it has removed the loopholes and vulnerabilities used by the hackers. It is launching an extensive investigation of its system and will be working with “leading cybersecurity experts” and government authorities.
You can check out the official post here for more details.