It is ingenuine on their part to not report how detailed the trip data they have is. Trip data could easily show Users' home/office locations, their daily travel patterns, their kid's daycare and whatnot. This kind of knowledge can be extremely dangerous if it falls into the wrong hands. Careem should be more straightforward about this and explain the consequences, rather than slyly gloss over the most dangerous part of the breach by mentioning only two effing words about it.
They also have only said when they figured out the breach, but not when the breach was. It could have happened a day before January 14th, or 3 months before January 14th. The difference is how much trust I would give them.
Interestingly they said the breach was done by "online criminals". Do they know, or do they automatically assume that people illegally accessing systems are criminals?
> This kind of knowledge can be extremely dangerous if it falls into the wrong hands.
Let’s not go overboard with the panic just yet. The world isn’t some spy novel where nefarious actors are constantly trying to kill you or your children.
How do I know? Because if you are not currently under protection, I could easily create all the location history I might want within a week. And nobody willing to abduct you would scoff at a week’s work.
Also: if anybody wanted to kill you you’d be dead.
I know it’s a lot of fun to run down all the “thread actors” and the “tradecraft” they might use in your head on long, boring flights. But you’re not actually a movie character.
a friend ,who had a job interview with careem, told me i should use a different mobile number and name if I'm using their service. Glad i followed his advice.
Why is Uber included in the title here? It makes it seem like Uber was involved. I think the title should mention, at most, the Careem is a Middle Eastern ridesharing company.
Ridesharing could also include long-distance ride-sharing like BlaBlaCar. Since Uber-for-X has become a thing, I don't think including Uber in the title is a bad thing.
Wonderful, hacking often means dumping one data store due to sec problem with it (think 90s-SQL-injection).
I assume trip data was stored in the same system as emails - so both got hacked. Minor security considerations would put those in different systems and not store together.
pcx|7 years ago
netsharc|7 years ago
Interestingly they said the breach was done by "online criminals". Do they know, or do they automatically assume that people illegally accessing systems are criminals?
IAmEveryone|7 years ago
Let’s not go overboard with the panic just yet. The world isn’t some spy novel where nefarious actors are constantly trying to kill you or your children.
How do I know? Because if you are not currently under protection, I could easily create all the location history I might want within a week. And nobody willing to abduct you would scoff at a week’s work.
Also: if anybody wanted to kill you you’d be dead.
I know it’s a lot of fun to run down all the “thread actors” and the “tradecraft” they might use in your head on long, boring flights. But you’re not actually a movie character.
unknown|7 years ago
[deleted]
dheera|7 years ago
* whoever you have ever been in a relationship with
* which VCs have given you a second meeting on a Monday
* when you exercise
* which cuisines you prefer
* which specialist doctor offices you have visited
* whether you have been interviewing at other companies
Forget this Facebook nonsense. Uber knows everything about you.
__bee|7 years ago
https://help.careem.com/hc/en-us/articles/115008681747-How-d...
reallymental|7 years ago
So they've hashed your account details. They won't delete this. Great
tzahola|7 years ago
"We take the protection of our customers and captains’ data very seriously."
nuclearcookie|7 years ago
amingilani|7 years ago
What customer account data was stolen?
Customers’ name, email address, phone number and trip data.
stevekemp|7 years ago
thawab|7 years ago
unknown|7 years ago
[deleted]
thrillgore|7 years ago
Thanks for not telling anyone sooner.
techwizrd|7 years ago
thesimon|7 years ago
thisisit|7 years ago
"Careem, ridesharing company/app in the Middle East"
work better than calling out Uber?
GrumpyNl|7 years ago
ckastner|7 years ago
abdullahdiaa|7 years ago
ScalaForever|7 years ago
I assume trip data was stored in the same system as emails - so both got hacked. Minor security considerations would put those in different systems and not store together.