Names, email addresses, phone numbers and trip data were stolen by cyber criminals in January
Regional ride-sharing company Careem has just announced that it was the subject of a cyber-attack that compromised the data of up to 14 million of its users – both customers and drivers.
In a blog post to its website, it was revealed that the company became aware of the breach, which affected users in the Middle East, North Africa, Pakistan and Turkey, on January 14 2017. Anyone signing up to the service after this date was not affected.
Dear Customers, we have identified a cyber incident that took place in January 2018 involving unauthorized access to the system we use to store data. Our wider security protocol keep passwords encrypted and credit card details on a separate system. pic.twitter.com/rkcpf671ct
— Careem (@careem) April 23, 2018
Cyber criminals allegedly infiltrated the Dubai-based company’s systems, making off with the names, email addresses, phone numbers and trip data of users from 78 cities in 13 countries.
The blog post goes on to confirm that customer credit card information was not compromised as it stored on secure servers managed by a third party.
So far, no fraud or misuse of the stolen data has been discovered by Careem, although they do ask users to remain vigilant in watching bank and credit card statements for any suspicious activity. It also recommends that users implement good password management and avoid clicking on links from unsolicited emails.
Careem apologised for the breach and that they have learned from the experience, saying “We regularly review and update our security systems – this time it wasn’t enough to prevent an attack. While no organisation is completely immune to the threat of cybercrime, we are committed to meeting these threats and protecting the privacy and data of those that have placed their trust in us.”
You can read the full statement here.