Telecoms company du yesterday closed a security loophole on its website that made its customers' email addresses available to members of the public.
The company was forced to make the security adjustment after the flaw was uncovered by a member of the public on Twitter.
The discovery occurred on the same day du announced it was launching a new range of security measures to protect its customers “key information”.
Du’s “selfcare” login screen had included an option for customers who had forgotten their password to obtain a new one. Such customers were then prompted to enter their mobile phone number and when they did so an automated message appeared on screen confirming the email address associated with that number.
However the loophole raised fears that fraudsters would be able to target specific phone numbers and find out the corresponding email address – as well as, in many cases, their first and last names which often feature on the email address.
One customer, Ramy Bayyour, flagged up the issue to the company on Twitter.
Mr Bayyour wanted to pay his phone bill online, but had forgotten his selfcare password. When he entered his number and his personal email address was displayed, alarm bells started ringing.
“I thought it was strange as most websites would either tell you that they would send an email to the address you have registered with or would maybe display the first few letters, but not the entire address,” he said. “I thought it might be something related to my account only, but then tried random numbers and numbers of people I know and same thing happened.
Email addresses associated with their selfcare accounts popped up.
“I was appalled,” he said.
Following a number of concerned messages to the company yesterday and requests from The National for comment, the loophole was closed.
The website now reads: “Your primary email in du” instead of displaying the full email address.
Du issued a statement yesterday saying: “We would like to assure that we treat our customers’ data privacy with utmost priority.
But for a temporary period, the email IDs of some du customers who use selfcare on www.du.ae were showing, only if they forgot their passwords. This issue has been immediately rectified today."
The company’s action comes on the same day it announced advanced security measures to help protect its customers’ data and information.
Media experts said it was crucial that organisations stored customers’ personal data securely.
“Any organisation that holds and manages user data online knows it has an enormous responsibility of trust and care, and needs to invest in ensuring it preserves its customers’ security and data,” said Alexander McNabb, a media expert and director of Dubai-based, Spot On Pr.
ksinclair@thenational.ae
The team
Fashion director: Sarah Maisey
Photographer: Greg Adamski
Hair and make-up: Ania Poniatowska
Models: Nyajouk and Kristine at MMG, and Mitchell
Stylist’s assistants: Nihala Naval and Sneha Maria Siby
Videographer: Nilanjana Gupta
Pakistanis at the ILT20
The new UAE league has been boosted this season by the arrival of five Pakistanis, who were not released to play last year.
Shaheen Afridi (Desert Vipers)
Set for at least four matches, having arrived from New Zealand where he captained Pakistan in a series loss.
Shadab Khan (Desert Vipers)
The leg-spin bowling allrounder missed the tour of New Zealand after injuring an ankle when stepping on a ball.
Azam Khan (Desert Vipers)
Powerhouse wicketkeeper played three games for Pakistan on tour in New Zealand. He was the first Pakistani recruited to the ILT20.
Mohammed Amir (Desert Vipers)
Has made himself unavailable for national duty, meaning he will be available for the entire ILT20 campaign.
Imad Wasim (Abu Dhabi Knight Riders)
The left-handed allrounder, 35, retired from international cricket in November and was subsequently recruited by the Knight Riders.
COMPANY PROFILE
Company name: Revibe
Started: 2022
Founders: Hamza Iraqui and Abdessamad Ben Zakour
Based: UAE
Industry: Refurbished electronics
Funds raised so far: $10m
Investors: Flat6Labs, Resonance and various others
EA Sports FC 24
Developer: EA Vancouver, EA Romania
Publisher: EA Sports
Consoles: Nintendo Switch, PlayStation 4&5, PC and Xbox One
Rating: 3.5/5
Zidane's managerial achievements
La Liga: 2016/17
Spanish Super Cup: 2017
Uefa Champions League: 2015/16, 2016/17, 2017/18
Uefa Super Cup: 2016, 2017
Fifa Club World Cup: 2016, 2017
Famous left-handers
- Marie Curie
- Jimi Hendrix
- Leonardo Di Vinci
- David Bowie
- Paul McCartney
- Albert Einstein
- Jack the Ripper
- Barack Obama
- Helen Keller
- Joan of Arc
Diriyah project at a glance
- Diriyah’s 1.9km King Salman Boulevard, a Parisian Champs-Elysees-inspired avenue, is scheduled for completion in 2028
- The Royal Diriyah Opera House is expected to be completed in four years
- Diriyah’s first of 42 hotels, the Bab Samhan hotel, will open in the first quarter of 2024
- On completion in 2030, the Diriyah project is forecast to accommodate more than 100,000 people
- The $63.2 billion Diriyah project will contribute $7.2 billion to the kingdom’s GDP
- It will create more than 178,000 jobs and aims to attract more than 50 million visits a year
- About 2,000 people work for the Diriyah Company, with more than 86 per cent being Saudi citizens
Sonchiriya
Director: Abhishek Chaubey
Producer: RSVP Movies, Azure Entertainment
Cast: Sushant Singh Rajput, Manoj Bajpayee, Ashutosh Rana, Bhumi Pednekar, Ranvir Shorey
Rating: 3/5
COMPANY PROFILE
Name: DarDoc
Based: Abu Dhabi
Founders: Samer Masri, Keswin Suresh
Sector: HealthTech
Total funding: $800,000
Investors: Flat6Labs, angel investors + Incubated by Hub71, Abu Dhabi's Department of Health
Number of employees: 10
SPECS
Engine: 1.5-litre turbo
Power: 181hp
Torque: 230Nm
Transmission: 6-speed automatic
Starting price: Dh79,000
On sale: Now
Recipe
Garlicky shrimp in olive oil
Gambas Al Ajillo
Preparation time: 5 to 10 minutes
Cooking time: 5 minutes
Serves 4
Ingredients
180ml extra virgin olive oil; 4 to 5 large cloves of garlic, minced or pureed (or 3 to 4 garlic scapes, roughly chopped); 1 or 2 small hot red chillies, dried (or ¼ teaspoon dried red chilli flakes); 400g raw prawns, deveined, heads removed and tails left intact; a generous splash of sweet chilli vinegar; sea salt flakes for seasoning; a small handful of fresh flat-leaf parsley, roughly chopped
Method
▶ Heat the oil in a terracotta dish or frying pan. Once the oil is sizzling hot, add the garlic and chilli, stirring continuously for about 10 seconds until golden and aromatic.
▶ Add a splash of sweet chilli vinegar and as it vigorously simmers, releasing perfumed aromas, add the prawns and cook, stirring a few times.
▶ Once the prawns turn pink, after 1 or 2 minutes of cooking, remove from the heat and season with sea salt flakes.
▶ Once the prawns are cool enough to eat, scatter with parsley and serve with small forks or toothpicks as the perfect sharing starter. Finish off with crusty bread to soak up all that flavour-infused olive oil.
THE NEW BATCH'S FOCUS SECTORS
AiFlux – renewables, oil and gas
DevisionX – manufacturing
Event Gates – security and manufacturing
Farmdar – agriculture
Farmin – smart cities
Greener Crop – agriculture
Ipera.ai – space digitisation
Lune Technologies – fibre-optics
Monak – delivery
NutzenTech – environment
Nybl – machine learning
Occicor – shelf management
Olymon Solutions – smart automation
Pivony – user-generated data
PowerDev – energy big data
Sav – finance
Searover – renewables
Swftbox – delivery
Trade Capital Partners – FinTech
Valorafutbol – sports and entertainment
Workfam – employee engagement
Company Profile
Name: Neo Mobility
Started: February 2023
Co-founders: Abhishek Shah and Anish Garg
Based: Dubai
Industry: Logistics
Funding: $10 million
Investors: Delta Corp, Pyse Sustainability Fund, angel investors
COMPANY PROFILE
Name: Kinetic 7
Started: 2018
Founder: Rick Parish
Based: Abu Dhabi, UAE
Industry: Clean cooking
Funding: $10 million
Investors: Self-funded
UAE athletes heading to Paris 2024
Equestrian
Abdullah Humaid Al Muhairi, Abdullah Al Marri, Omar Al Marzooqi, Salem Al Suwaidi, and Ali Al Karbi (four to be selected).
Judo
Men: Narmandakh Bayanmunkh (66kg), Nugzari Tatalashvili (81kg), Aram Grigorian (90kg), Dzhafar Kostoev (100kg), Magomedomar Magomedomarov (+100kg); women's Khorloodoi Bishrelt (52kg).
Cycling
Safia Al Sayegh (women's road race).
Swimming
Men: Yousef Rashid Al Matroushi (100m freestyle); women: Maha Abdullah Al Shehi (200m freestyle).
Athletics
Maryam Mohammed Al Farsi (women's 100 metres).
In numbers: China in Dubai
The number of Chinese people living in Dubai: An estimated 200,000
Number of Chinese people in International City: Almost 50,000
Daily visitors to Dragon Mart in 2018/19: 120,000
Daily visitors to Dragon Mart in 2010: 20,000
Percentage increase in visitors in eight years: 500 per cent
MATCH INFO
Osasuna 1 Real Madrid 4
Osasuna: García (14')
Real Madrid: Isco (33'), Ramos (38'), Vázquez (84'), Jovic (90'+2)
A QUIET PLACE
Starring: Lupita Nyong'o, Joseph Quinn, Djimon Hounsou
Director: Michael Sarnoski
Rating: 4/5
Company Profile
Name: Direct Debit System
Started: Sept 2017
Based: UAE with a subsidiary in the UK
Industry: FinTech
Funding: Undisclosed
Investors: Elaine Jones
Number of employees: 8
TWISTERS
Director:+Lee+Isaac+Chung
Starring:+Glen+Powell,+Daisy+Edgar-Jones,+Anthony+Ramos
Rating:+2.5/5
