Careem recently took the initiative to inform their users that their data has been hacked, after 3 months the incident initially took place, 14 million users had their accounts compromised.
In January, a hacker(s) stole valuable information about Careem users, including names, addresses, email IDs, numbers, and more.
The ride-hailing service, with the help of authorities, looked into the matter to have it resolved at earliest. The company announced this news on their official Twitter account.
“Dear Customers, we have identified a cyber incident that took place in January 2018 involving unauthorized access to the system we use to store data. Our wider security protocol keep passwords encrypted and credit card details on a separate system.”
Dear Customers, we have identified a cyber incident that took place in January 2018 involving unauthorized access to the system we use to store data. Our wider security protocol keep passwords encrypted and credit card details on a separate system. pic.twitter.com/rkcpf671ct
— Careem (@careem) April 23, 2018
The company has created a blog to help their customers take necessary steps they need to protect their account and to stay safe.
Careem’s Data Breach & How Was Affected
On January 14th of this year, Careem found out that online criminals had gained access to their computer systems which hold valuable customer and captain account data. Customers and captains who have signed up after that date are not affected.
Careem’s Efforts to Resolve Security Breach
According to the company, as soon as the violation as detected they had launched a thorough investigation and engaged leading cybersecurity experts to assist in strengthening their security systems. They are also reportedly working with law enforcement agencies.
Careem claims that their priority has been to protect the data and privacy of their customers and captains. Since discovering the issue, they have done and are doing everything possible to understand what happened, learn who was affected, and what is needed to do to strengthen network defenses.
What Careem Cyber Breach Victims Need to do?
The ride-hailing service has suggested following the following steps whether the customer has been affected or not to stay alert for the days ahead.
- Implement good password management by updating your Careem password, as well as other accounts on which you use similar details. Use a strong mix of characters, and try not to use the same password for multiple sites.
- Remain cautious of any unsolicited communications that ask for personal information or refer to a web page asking for personal information
- Avoid clicking on links or downloading attachments from unfamiliar emails
- Continue to review bank account and credit card statements for suspicious activity – if you see anything unexpected, call your bank.
However, as of now, there is no evidence that your password or credit card number has been compromised. The details about bank accounts and cards are kept on a separate third-party PCI-compliant server which is more secure.
How to Change your Careem Password?
For existing users, it is important that you change your password ASAP!
To do this follow the steps below:
- Open your Creem application
- 2. Click on your sidebar (3 lines on the top left)
- Tap on ‘Settings’
- Tap on Change Password’
- Enter your current and new password
Why Careem Waited so Long?
According to the company, they had approached the authorities to take this matter into hand. Such matters are very delicate and time-consuming, thus, it took a while before the company informed their users of this breach.
What do you think about this security breach?