Careem, an international ride-hailing service, reportedly came under cyber-attack in January this year causing users’ data including names of customers and captains, phone numbers and trip history at risk.
According to details shared by UAE media, a hacker group managed to get an access to Careem’s servers on January 14th, 2018 stealing users’ data of over 14 million customers.
Careem was quick enough to share a blog post yesterday mentioning that no misuse or fraudulent activity was reported due to the data breach but didn’t state the number or percentage of its customers and captains that were affected.
Dear Customers, we have identified a cyber incident that took place in January 2018 involving unauthorized access to the system we use to store data. Our wider security protocol keep passwords encrypted and credit card details on a separate system. pic.twitter.com/rkcpf671ct
— Careem (@careem) April 23, 2018
However, media claims that the personal data of over 14 million people in the Middle East, North Africa, Pakistan and Turkey was stolen by online criminals through a cyber-attack on the systems of Careem Dubai servers.
The hackers managed to steal data including customers’ and captains’ phone numbers, addresses, emails, usernames and trip data. However, Careem has categorically denied any misuse of credit cards by saying, “No evidence that your password or credit card number had been compromised.”
Even though, it is advised that users review their emails, banks accounts, credit card info and update their passwords just to be on a safer side.
Careem shares its views in a blog post:
Careem has identified a cyber incident involving unauthorised access to the system we use to store data. While we have seen no evidence of fraud or misuse related to this incident, it is our responsibility to be open and honest with you, and to reaffirm our commitment to protecting your privacy and data.
For now, Careem has reassured that it has removed the loopholes and vulnerabilities used by the hackers. It is launching an extensive investigation of its system and will be working with “leading cyber security experts” and government authorities.
You can check out the official post here for more details.