Olacabs reportedly hacked, but company denies breach

Taxi hailing app Olacabs has been reportedly hacked and the hacker group has posted the database structure of Olacabs on Reddit.


Update: Ola has written to us with an official statement:

"There has been no security lapse, whatsoever to any user data. The alleged hack seems to have been performed on a staging environment when exposed for one of our test runs. The staging environment is on a completely different network compared to our production environment, and only has dummy user values exclusively used for internal testing purposes. We confirm that there has been no attempt by the hackers to reach out to us in this regard. Security and privacy of customer data is paramount to us at Ola."

Taxi hailing app Olacabs has been reportedly hacked and the hacker group has posted the database structure of Olacabs on Reddit. The group claims to have had access to user details and as well as credit card and transaction history. It also claims to have had sent a mail across to Olacabs pointing out at their weakness but as of now, has received no reply whatsoever.

The hacker group goes by the name TeamUnknown, and has also posted snapshots on Reddit of the hack which show results of database query that includes a lot of names that appear to be related to Olacabs. The hacker added to the post that the hack was 'a little tricky and involved many steps to get to the database.' TeamUnknown stated that Olacab's application design is very poor and its development server is weakly configured as well. According to the hacker group, access to user database was ' like winning a lottery'. Apparently, it had all the user details along with credit card transaction history and unused vouchers.

Towards the end of the post, TeamUnknown claimed that they will not be using or exploiting credit card details and voucher codes and mocked Olacabs's security team as 'not that good it seems'.

Some of the snapshots included by TeamUnknown are posted below:

Olacabs reportedly hacked, but company denies breach

olacabs2

olacabs3

The screenshots point out that the hackers have access to email ids of various employees and users along with their phone numbers. The last screenshot shows depicts MySQL codes which can retrieve any information he or she wants from Ola database, as pointed out by Trak.

Last month, one of India’s popular music streaming service Gaana was hacked and its massive database, about 10 million users, had been compromised. The hacker went by the name MakMan who appeared to have been based in Lahore, Pakistan and posted a link to his Facebook page of what appeared to be the entire database of Gaana.com’s users containing personal details.

Find our entire collection of stories, in-depth analysis, live updates, videos & more on Chandrayaan 2 Moon Mission on our dedicated #Chandrayaan2TheMoon domain.