Technology

Digital Rights Foundation raises questions on Careem’s security breach

Careem recently revealed they suffered a massive security breach in January that compromised data of riders and captains. The ride-hailing company is now experiencing an uproar from their customers for the delayed notification of the data breach.

Amidst the severe backlash, Digital Rights Foundation (DRF) is asking the right questions. DRF has been advocating for a data protection legislation for Pakistan that protects Pakistani customers from such incidents. DRF published a statement expressing concern over the critical nature of the data that has been compromised and pointing out the weakness in the security protocol of these systems. Through the hacked information, the attackers can easily identify not only riders but their whereabouts by exploring their trip patterns. If revealed, this data can pose extreme danger to individuals. Here is what DRF wants Careem to answer:

  • Why did it take months to report the incident to the public?
  • What is the number of customers that are affected by this breach?
  • Who were the perpetrators of the attack?
  • What happened to the stolen data and where was it potentially stored?
  • What measures is the company taking to ensure the security of stolen data?
  • Will Careem take responsibility for any unforeseen incident occurring by the misuse of data?
  • How will Careem ensure the stronger security of customer information in the future?

Yes, Careem was carrying out investigations but millions of customers were using the ride-hailing service since January without being aware that their data has been compromised, therefore they could not raise their concern or hold the company accountable for their stolen data. DRF says that,

“Careem’s silence for four months and inadequate justification of the data breach is indicative of the fact that tech companies operate without being held accountable under any laws in the countries where they operate.”

DRF also pointed out to the business models of several tech companies that revolve around selling user data. Recently, it was revealed Facebook also collects data of non-Facebook users while Google amasses user data 10 times more than Facebook and then sells it to the highest bidder.

Sponsored
Asra Rizwan

I profile people and startups contributing to the Pakistani technology entrepreneurial ecosystem. Share a story with me, asra@techjuice.pk

Leave a Comment
Share
Published by
Asra Rizwan

Recent Posts

PSEB Opens Bidding for Nationwide e-Rozgar Centers

The Pakistan Software Export Board (PSEB) has launched a nationwide program to encourage IT startups…

2 mins ago

Google Play Services Bug Disrupts Access to Apps for Pixel Users: Here’s How to Fix It

A significant issue with Google Play Services has left many Pixel users unable to access…

7 mins ago

WhatsApp Beta Partners with Google for Innovative Image Search Feature

When it comes to Android messaging apps, WhatsApp stands out as one of the best.…

44 mins ago

Farrukh Sabzwari Appointed as CEO of PSX, Set to Serve for Three Years

Farrukh H. Sabzwari has been appointed Chief Executive Officer (CEO) of Pakistan Stock Exchange Company…

2 hours ago

250 Government Schools to Be Run by Private Sector

RAWALPINDI: The chairman of the Punjab Education Foundation, Malik Shoaib Awan, stated on Monday that…

3 hours ago

Pakistan Launches First National Sex Offenders Register to Combat Sexual Violence

Pakistan has taken a significant step towards addressing sexual violence and abuse with the introduction…

3 hours ago