Careem has released a security update intended for its subscribers about a cyber attack on its servers that happened on 14th Jan 2018. Reportedly, customer personal data was compromised. According to the official release, stolen data of customer accounts include,
Customers’ name, email address, phone number and trip data.
Keeping transparency with its customers, the ride hailing service came public to announce the news instead of keeping it a secret – which is what responsible companies should do. While there is no clear statement of how many records have been compromised but some news sites are claiming exaggerated numbers.
What about Password and Credit Card information?
According to the security update, no password or credit card information has been stolen. Credit card information is not even stored at Careems data centers and instead on an external third-party PCI-compliant server.
Dear Customers, we have identified a cyber incident that took place in January 2018 involving unauthorized access to the system we use to store data. Our wider security protocol keep passwords encrypted and credit card details on a separate system. pic.twitter.com/rkcpf671ct
— Careem (@careem) April 23, 2018
Safety Guidelines for Consumers
For the safety of its cusotmer data, Careem has published the following guidelines:
- Implement good password management by updating your Careem password, as well as other accounts on which you use similar details. Use a strong mix of characters, and try not to use the same password for multiple sites
- Remain cautious of any unsolicited communications that ask for personal information or refer to a web page asking for personal information
- Avoid clicking on links or downloading attachments from unfamiliar emails
- Continue to review bank account and credit card statements for suspicious activity – if you see anything unexpected, call your bank
The update says Careem is taking care of such actions very well through its security experts and Careem users should feel safe and protected.
For more details, have a look at the official explanation of the cyber attack: https://blog.careem.com/en/stories/uae/ksa/security/