Technology

Digital Rights Foundation raises questions on Careem’s security breach

Careem recently revealed they suffered a massive security breach in January that compromised data of riders and captains. The ride-hailing company is now experiencing an uproar from their customers for the delayed notification of the data breach.

Amidst the severe backlash, Digital Rights Foundation (DRF) is asking the right questions. DRF has been advocating for a data protection legislation for Pakistan that protects Pakistani customers from such incidents. DRF published a statement expressing concern over the critical nature of the data that has been compromised and pointing out the weakness in the security protocol of these systems. Through the hacked information, the attackers can easily identify not only riders but their whereabouts by exploring their trip patterns. If revealed, this data can pose extreme danger to individuals. Here is what DRF wants Careem to answer:

  • Why did it take months to report the incident to the public?
  • What is the number of customers that are affected by this breach?
  • Who were the perpetrators of the attack?
  • What happened to the stolen data and where was it potentially stored?
  • What measures is the company taking to ensure the security of stolen data?
  • Will Careem take responsibility for any unforeseen incident occurring by the misuse of data?
  • How will Careem ensure the stronger security of customer information in the future?

Yes, Careem was carrying out investigations but millions of customers were using the ride-hailing service since January without being aware that their data has been compromised, therefore they could not raise their concern or hold the company accountable for their stolen data. DRF says that,

“Careem’s silence for four months and inadequate justification of the data breach is indicative of the fact that tech companies operate without being held accountable under any laws in the countries where they operate.”

DRF also pointed out to the business models of several tech companies that revolve around selling user data. Recently, it was revealed Facebook also collects data of non-Facebook users while Google amasses user data 10 times more than Facebook and then sells it to the highest bidder.

Sponsored
Asra Rizwan

I profile people and startups contributing to the Pakistani technology entrepreneurial ecosystem. Share a story with me, asra@techjuice.pk

Share
Published by
Asra Rizwan

Recent Posts

First AI-Powered Teacher Launched in Pakistan’s Private School

Karachi: A private school in Karachi has unveiled Pakistan’s first AI-powered teacher, a groundbreaking move…

34 mins ago

Yahoo Surprises Users with Its Latest Android Launcher

Third-party apps have long been a staple of the Android ecosystem, but their appeal has…

2 hours ago

Phase-II Review of PTCL-Telenor Deal Finalized by CCP

ISLAMABAD: The Competition Commission of Pakistan (CCP) has completed its Phase-II review of Pakistan Telecommunication…

2 hours ago

Xiaomi’s SU7 Achieves New Production Record, Driving Q3 Growth

Xiaomi has shattered records by producing 100,000 vehicles in just 230 days. This is nearly…

3 hours ago

Teachers Can Now Access OpenAI’s Free AI Course

OpenAI, in collaboration with nonprofit organization Common Sense Media, announced on Wednesday the launch of…

4 hours ago

WhatsApp-Inspired Updates Under Testing in Google Messages

Google is exploring a revamped image-sharing interface in its Messages app, taking cues from WhatsApp…

5 hours ago