oBike Users’ Email Addresses And Phone Numbers Leaked Online In Database Hack

oBike’s Database Compromised, Unknowingly Leaks Users’ Data Worldwide

oBike users — your personal information might’ve been leaked online.

This comes after it was reported that bike-sharing service provider oBike had suffered a security breach which resulted in its users’ data being compromised.

If it makes you feel any better however, we weren’t just the only ones affected. Our counterparts in countries such as Germany, Malaysia, Switzerland and Great Britain had their details revealed as well.

Seems that oBike’s user’s information wasn’t lined up nicely.

Source

But before you start cancelling your subscriptions and asking for the refund, the issue has since been fixed and the system has been made more secure.

So it’s actually safe to keep riding the bikes – figuratively speaking of course, don’t forget to wear a helmet.

oBike’s global security breach

The leak was first discovered by Bavarian news agency BR24, when they realized they could access information oBike’s users’ information on the Internet. German broadcaster Bayerischer Rundfunk then reported that users’ data wasn’t encrypted and could be retrieved online.

Guess their security systems were in a mess.

Source

However, a spokesperson for the Singapore-based company quickly confirmed that they were aware of the issue since its discovery two weeks ago. He stated that they have since fixed it and improved the security of the system.

We have since fixed the loophole by disabling the API and created additional security layers.

He also assured that the leak wasn’t widespread and that information such as credit card details wasn’t compromised.

 

This only affected a small handful of our users. The personal data that was exposed was limited to user names, email addresses and mobile numbers. The app does not store credit card details or passwords of users.

Guess the worst that could happen is receiving a bunch of spam calls or emails — a mild inconvenience yes, but thankfully nothing major.

Reason for security breach

In addition to users’ data being neither encrypted nor protected, Bayerischer Rundfunk research found that the issue stemmed from the “problematic” social media features of the app.

If only their security measures weren’t all over the place.

Source

They stated that oBike’s feature of giving users the option to share invitation codes and social network travel also – unknowingly – allowed direct access to their own personal data. The company confirmed this by saying that the issue was a result of a “gap in our API (application programming interface) that allowed users to refer a friend to our platform”.

However, oBike has also stated that they’re in the process of reviewing their app.

We are relooking the sharing and security functions of the app, to ensure that no further user data is compromised.

Rightfully so.

Let’s hope their new system isn’t down in the drains.

Source

Additionally, the Personal Data Protection Commision (PDPC) in Singapore has confirmed that they were aware of the breach and have “reached out to oBike for more details.”

Harmless leak or serious oversight?

What do you think of this incident? Was it just a harmless leak or a serious oversight on the company’s security?

At the very least, oBike admitted up front about the issue and quickly rectified it. It’s not like they paid hackers $135,000 to cover up their data breach or anything — unlike a certain ride-hailing giant.

Let us know what you think.

Featured image from Twitter

Sean Chan Kit Whye

This has to be the most boring profile ever, I can't believe you are reading this. I could type random crap here and no one will really see it. Seriously, close this page and go out and do something. Actually I was kidding, come get your latest dosage of news here. You little curious reader, you.

Recent Posts

17-year-old hacked to death after brother-in-law takes teasing remark too seriously in the Philippines

The victim jokingly threatened to hack the assailant, so the latter decided to get ahead…

12 Dec 2024, 6:05 pm

M’sian inmate earns PhD in business admin behind bars, granted royal pardon after 23 years

He began serving time at age 14 after being convicted of murdering his employer.

12 Dec 2024, 5:43 pm

21-year-old daughter surprises mother in Genting, dies in accident when coming back to S’pore

The 21-year-old had only recently graduated from university.

12 Dec 2024, 5:11 pm

5-year-old boy among 3 injured in multi-vehicle crash involving 2 lorries, 2 taxis & a car at Yew Tee

Besides the boy, a 33-year-old car driver and a 61-year-old male taxi driver were also…

12 Dec 2024, 4:09 pm

Woman dies in car crash that tore off vehicle’s roof in M’sia, her 9-year-old daughter survives

She was driving her daughter to school when the accident occurred.

12 Dec 2024, 3:20 pm

16-year-old boy in Philippines performs CPR on elderly heart attack victim, refuses cash reward

The 10th grade special education student has also helped others in the past.

12 Dec 2024, 3:15 pm