Technology

Digital Rights Foundation raises questions on Careem’s security breach

Careem recently revealed they suffered a massive security breach in January that compromised data of riders and captains. The ride-hailing company is now experiencing an uproar from their customers for the delayed notification of the data breach.

Amidst the severe backlash, Digital Rights Foundation (DRF) is asking the right questions. DRF has been advocating for a data protection legislation for Pakistan that protects Pakistani customers from such incidents. DRF published a statement expressing concern over the critical nature of the data that has been compromised and pointing out the weakness in the security protocol of these systems. Through the hacked information, the attackers can easily identify not only riders but their whereabouts by exploring their trip patterns. If revealed, this data can pose extreme danger to individuals. Here is what DRF wants Careem to answer:

  • Why did it take months to report the incident to the public?
  • What is the number of customers that are affected by this breach?
  • Who were the perpetrators of the attack?
  • What happened to the stolen data and where was it potentially stored?
  • What measures is the company taking to ensure the security of stolen data?
  • Will Careem take responsibility for any unforeseen incident occurring by the misuse of data?
  • How will Careem ensure the stronger security of customer information in the future?

Yes, Careem was carrying out investigations but millions of customers were using the ride-hailing service since January without being aware that their data has been compromised, therefore they could not raise their concern or hold the company accountable for their stolen data. DRF says that,

“Careem’s silence for four months and inadequate justification of the data breach is indicative of the fact that tech companies operate without being held accountable under any laws in the countries where they operate.”

DRF also pointed out to the business models of several tech companies that revolve around selling user data. Recently, it was revealed Facebook also collects data of non-Facebook users while Google amasses user data 10 times more than Facebook and then sells it to the highest bidder.

Sponsored
Asra Rizwan

I profile people and startups contributing to the Pakistani technology entrepreneurial ecosystem. Share a story with me, asra@techjuice.pk

Share
Published by
Asra Rizwan

Recent Posts

Garena Free Fire India Launch Rumors: What Fans Need to Know

Reports suggest that Garena Free Fire is set to make a much-anticipated return to India.…

13 hours ago

Albania Bans TikTok for One Year: Here’s the Reason!

The Albanian government has announced a ban on the social media platform TikTok for a…

17 hours ago

Google Pixel 9 Pro vs. 8 Pro: Biggest Upgrades Compared

The launch of Google’s latest Pixel lineup brings an exciting chance to compare the new…

19 hours ago

Azad Kashmir to Host Pakistan’s First Women-Centric Software Technology Park

ISLAMABAD: In February next year, Pakistan is set to launch its first women-focused software technology…

20 hours ago

HEC Reveals Law Admission Test Date for LLB Students

The Law Admission Test (LAT) has been announced by the Higher Education Commission (HEC) of…

20 hours ago

Meta’s WhatsApp to Release New Playback Speed Feature for Videos

Meta's WhatsApp is rolling out a new playback speed feature, allowing users to adjust video…

1 day ago