[BreachExchange] Hackers attack ride hailing app SWVL, gain user information

Destry Winant destry at riskbasedsecurity.com
Fri Jul 10 09:46:44 EDT 2020


https://www.businessdailyafrica.com/corporate/companies/Hackers-attack-ride-hailing-app-SWVL-gain-user-information/4003102-5589642-14y4t9y/index.html

Egypt-based ride hailing app SWVL was hacked in an attack that exposed
the personal information of passengers including emails, names and
phone numbers

The app on Monday evening notified customers of the security breach
and the security measures it deployed after attackers gained access on
its computer network

“On the 3rd of July, SWVL became aware of the unauthorised access to
our system. The investigation into the breach is still underway, but
at this stage, it is clear the data which was compromised is
restricted to names, email addresses, and the phone number,” read a
notice by SWVL.

“Rest assured that our investigation ensures that passwords and credit
card information were not affected.”

SWVL advised customers to change their passwords on the app and on any
other site where they had used the same.

Hackers use the information from data breaches to access other linked
accounts on other sites with similar password combinations gaining
credit or debit card information or use the accounts to fleece
contacts of the account holder.

This is not the first ride hailing app to become a victim of a data
breach. Back in 2016, Uber was hacked and information belonging to 57
million riders and drivers accessed including the names and driver’s
license numbers.

Yahoo experienced multiple data breaches between 2013 and 2016 where
three billion accounts were affected. A security researcher found an
unprotected server with a database containing 419 million phone
numbers belonging to Facebook users.

Zynga—creators of Words with friends and Draw something—were also
breached last year with 218 million accounts affected.


More information about the BreachExchange mailing list