Ola Cabs hacked by TeamUnknown; Credit Card data likely compromised

ola_cabs_logo

Among the fastest growing taxi hiring firms, Ola Cabs, the Indian Uber, based out of Mumbai providing Taxi booking facility through their app, website or through calls was recently exploited by TeamUnknown. Credit card details, previous user transaction history, and unused vouchers are likely compromised though not yet made its way to the public.

Recently we’ve seen Gaana.com has been hacked by a Pakistani hacker whom was taken into the team ( hired by Times’ CEO) and now Ola cabs hacked.

Claiming Ola to have a poor application design, and a weakly configured server, TeamUnknown posted to Reddit today 3 screenshots showing some of the data, table structures, and the SQL server’s hostname.

The passwords were hashed with the MD5 algorithm, which is probably not a very good idea to use given the computing prowess available today; while the database on the whole followed the relational database model. Some of the leaked data

f7qr5EN

NwE5p0R

It should be taken note however that this was the Development server of Ola. So, we can expect that they hopefully just had dummy data there, thus not causing much harm.

The main server is likely to be hosted someplace elsewhere secure, like the Amazon AWS which is much more difficult to break in. TeamUnknown has dropped by a mail to the Ola Team, but haven’t received a response yet. Ola being in denial is not a surprise move, since the exploited server being a development server with likely dummy data; and with Credit Card info, previous user transactions and even a ‘users_signatures’ table, we really hope it was all just dummy data!

Update: Ola Cabs released a statement – There has been no security lapse, whatsoever to any user data. The alleged hack seems to have been performed on a staging environment when exposed for one of our test runs. The staging environment is on a completely different network compared to our production environment, and only has dummy user values exclusively used for internal testing purposes. We confirm that there has been no attempt by the hackers to reach out to us in this regard. Security and privacy of customer data is paramount to us at Ola.

Last Updated on by Vamsee Angadala

Sourcereddit

Get Your Daily Dose of Tech Delivered To Your E-Mail!

Get updates on all the latest news, offers and more. Subscribe to our newsletter now!

By subscribing, you agree to our Privacy Policy.

Latest Stories

Q Mic – Designed for ASMR, Amateur & Professional...

With the rise of ASMR & other content types, recording high-quality sound is quite necessary. One particular problem content creators face having different mics...

Fossil sport review – Bringing out the fitness beast...

Fossil, one of my favorite watch manufacturers came up with a new smartwatch, Fossil Sport, recently. Fossil is not new to Google wear OS...

EasySMX VIP002D Review

Recently, we tried quite a few gaming accessories and a cheap gaming headset was among them. While I quite liked the product, in terms...

ROG Phone II Hands-on Review – My First Impressions...

ROG Phone II is finally official now. Yet again, the leaks have come true, and boy, the device is lit AF. I was invited...

Related Stories

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

5,551FansLike
850FollowersFollow
381FollowersFollow
9FollowersFollow
1,262FollowersFollow
547SubscribersSubscribe