The RTA announced the formation of a new company in partnership with ride-hailing business Careem. Pawan Singh / The National
The RTA announced the formation of a new company in partnership with ride-hailing business Careem. Pawan Singh / The National
The RTA announced the formation of a new company in partnership with ride-hailing business Careem. Pawan Singh / The National
The RTA announced the formation of a new company in partnership with ride-hailing business Careem. Pawan Singh / The National

UAE

Ride sharing platform Careem says hit by cyber attack with data of up to 14 million users stolen

Company says customers' credit card details were held by third party and were not compromised

Mustafa Alrawi
Mustafa Alrawi

April 23, 2018

  • English
  • Arabic

The personal data of up to 14 million people in the Middle East, North Africa, Pakistan and Turkey has been stolen by online criminals in a cyber-attack on the systems of Dubai ride sharing platform Careem.

On January 14, the company detected the breach in the computer systems which hold the account data of customers and captains – or drivers – in 78 cities in 13 countries. Names, email addresses, phone numbers, as well as trip data was stolen.

At the time of the attack, Careem had 14 million customers and 558,000 captains on its platform. Those who have signed up since then are not affected by the breach.

It is the first successful cyber-attack of this magnitude on the company, according to Careem.

It said that there is no evidence that passwords, which are encrypted, or credit card numbers, which are kept with a highly-secure external third party, have been compromised.

No fraud or misuse related to the stolen information has been discovered so far by the company.

On January 14th, the company said it was alerted to a message the hacker had left on its system. It immediately investigated the incident, and together with an external cyber security firm put in place measures to protect the data and ensure its services were not disrupted.

_______________

Read more:

Serious cyber attack on UK ‘a matter of when, not if’, spy chief warns

Japan's Softbank, Etisalat and two other telcos to form cybersecurity alliance

Bolstering businesses' cyber security on agenda for Abu Dhabi meeting

_______________

Careem said it successfully identified and secured the source of the breach and has now strengthened its network defences.

Relevant law enforcement agencies will be notified in due course and the company is collaborating with Interpol. Careem’s servers are located in Ireland. It will also notify Dubai’s Roads and Transport Authority, Careem said.

"We regularly review and update our security systems – this time it wasn't enough to prevent an attack," Careem said in an email it will send to its customers on Monday, which The National has seen in advance, apologising for the security failure.

Mudassir Sheikha, Careem chief executive and co-founder told The National that "throughout the incident, our priority has been to protect the data and privacy of our customers and captains. Since we discovered the criminal activity, we worked to understand the situation, who was affected, and what we needed to do. We're sorry for what happened, but Careem has learned from this and will come out stronger and more resilient."

Careem, which has expanded its services to 90 cities and 14 countries this year, is making a huge investment in digital security off the back of the January incident and has hired “leading cyber security experts”.

The RTA, which uses Careem’s ride hailing app for its taxis, is not affected by the attack, as it does not share any of its drivers' data with the company.

According to the UAE Telecommunications Regulations Authority, hackers targeted 34 websites in January, including eight data breaches.

In November, rival Uber said it had paid hackers to delete the personal data of 57 million customers and drivers in an attack that the company did not disclose had happened for more than a year. Its chief security officer was dismissed over the incident.

Cyber security threats around the world are on the rise and last May, major companies such as FedEx and Telefonica, and public institutions including the UK's National Health Service, were victims of a world-wide WannaCry ransomware attack.

Researchers at Kaspersky Lab at the time recorded more than 45,000 attacks in 74 countries worldwide, including the UK, UAE, Spain, Russia and Saudi Arabia.

Company profile

Date started: January, 2014

Founders: Mike Dawson, Varuna Singh, and Benita Rowe

Based: Dubai

Sector: Education technology

Size: Five employees

Investment: $100,000 from the ExpoLive Innovation Grant programme in 2018 and an initial $30,000 pre-seed investment from the Turn8 Accelerator in 2014. Most of the projects are government funded.

Partners/incubators: Turn8 Accelerator; In5 Innovation Centre; Expo Live Innovation Impact Grant Programme; Dubai Future Accelerators; FHI 360; VSO and Consult and Coach for a Cause (C3)

LIST OF INVITEES

Shergo Kurdi (am) 
Rayhan Thomas
Saud Al Sharee (am)
Min Woo Lee
Todd Clements
Matthew Jordan
AbdulRahman Al Mansour (am)
Matteo Manassero
Alfie Plant
Othman Al Mulla
Shaun Norris

Company profile

Name: Tratok Portal

Founded: 2017

Based: UAE

Sector: Travel & tourism

Size: 36 employees

Funding: Privately funded

It’ll be summer in the city as car show tries to move with the times

If 2008 was the year that rocked Detroit, 2019 will be when Motor City gives its annual car extravaganza a revamp that aims to move with the times.

A major change is that this week's North American International Auto Show will be the last to be held in January, after which the event will switch to June.

The new date, organisers said, will allow exhibitors to move vehicles and activities outside the Cobo Center's halls and into other city venues, unencumbered by cold January weather, exemplified this week by snow and ice.

In a market in which trends can easily be outpaced beyond one event, the need to do so was probably exacerbated by the decision of Germany's big three carmakers – BMW, Mercedes-Benz and Audi – to skip the auto show this year.

The show has long allowed car enthusiasts to sit behind the wheel of the latest models at the start of the calendar year but a more fluid car market in an online world has made sales less seasonal.

Similarly, everyday technology seems to be catching up on those whose job it is to get behind microphones and try and tempt the visiting public into making a purchase.

Although sparkly announcers clasp iPads and outline the technical gadgetry hidden beneath bonnets, people's obsession with their own smartphones often appeared to offer a more tempting distraction.

“It's maddening,” said one such worker at Nissan's stand.

The absence of some pizzazz, as well as top marques, was also noted by patrons.

“It looks like there are a few less cars this year,” one annual attendee said of this year's exhibitors.

“I can't help but think it's easier to stay at home than to brave the snow and come here.”

Buy farm-fresh food

The UAE is stepping up its game when it comes to platforms for local farms to show off and sell their produce.

In Dubai, visit Emirati Farmers Souq at The Pointe every Saturday from 8am to 2pm, which has produce from Al Ammar Farm, Omar Al Katri Farm, Hikarivege Vegetables, Rashed Farms and Al Khaleej Honey Trading, among others. 

In Sharjah, the Aljada residential community will launch a new outdoor farmers’ market every Friday starting this weekend. Manbat will be held from 3pm to 8pm, and will host 30 farmers, local home-grown entrepreneurs and food stalls from the teams behind Badia Farms; Emirates Hydroponics Farms; Modern Organic Farm; Revolution Real; Astraea Farms; and Al Khaleej Food. 

In Abu Dhabi, order farm produce from Food Crowd, an online grocery platform that supplies fresh and organic ingredients directly from farms such as Emirates Bio Farm, TFC, Armela Farms and mother company Al Dahra. 

TransportTechnologyUAE