Dubai-based ride-hailing app Careem was hacked at the beginning of this year, potentially exposing the data of users and drivers, the company revealed in a blog post Tuesday.
Careem officials said that on January 14 they became aware that online criminals had gained access to the portion of the app’s system that stores customer and driver — called “captains” — account data. While Careem admits information such as names, email addresses, phone numbers, and trip data was stolen, there is no evidence to suggest credit card numbers or passwords were compromised.
Anyone who signed up after January 14 was not affected.
“Throughout the incident, our priority has been to protect the data and privacy of our customers and captains,” the blog post reads. “Since discovering the issue, we have worked to understand what happened, who was affected, and what we needed to do to strengthen our network defences.”
According to the Enterprise Times, as many as 14 million drivers and customers may have been affected by the breach.
Careem said it is working with law enforcement and cybercrime experts to fully understand what happened, how it happened, who exactly was affected, and what the ride-hailing group can do to prevent future attacks.