Ola leaked its customers data, claims user; company blames manual errorhttps://indianexpress.com/article/technology/social/ola-blames-manual-error-for-leaked-personal-user-data/

Ola leaked its customers data, claims user; company blames manual error

Ola Cabs is in hot soup again with a Chennai based user named Swapnil Midha claiming that the company leaked personal details of users

OlaCabs, OlaCabs personal data, OlaCabs data leaked, OlaCabs Delhi, OlaCabs data leaking, OlaCabs data breach, Technology, technology news
OlaCabs is leaking personal data of users, claims a Facebook post.

Ola Cabs appears to be in a new controversy with a Chennai based user named Swapnil Midha claiming that the company leaked personal details such as mobile numbers, locations of users via SMS. Ola has commented on the issue and blamed the error on a technical fault and said that they have now fixed the error.

According to Swapnil’s Facebook post Ola leaked the information of 100 customers to her via SMS. She says that the problem started three weeks back when she booked an Ola Cab and that after the ride, the VM-OLACAB started sending her messages which appeared to be garbled with “alpha-numeric messages with hashes.”

[related-post]

She writes in her post, “My phone beeped throughout the night. 1:06, 2:34, 2:37, 2:38, 4:05, 5:17. I couldn’t get my head around why these were coming at these times.

OlaCabs, OlaCabs personal data, OlaCabs data leaked, OlaCabs Delhi, OlaCabs data leaking, OlaCabs data breach, Technology, technology news
A screenshot of the OLA message shared by Swapnil. (Source: Swapnil Midha Facebook)

Swapnil claims that Ola didn’t fix the issue and that she has received over “300 and 400 texts from them so far.” According to her, Ola was forwarding her “confirmation messages when other customers made a booking” in Bangalore and that inside the messages she found “mobile numbers, names and addresses.”

She says that she even wrote to them on Facebook and Twitter. However on Ola’s Facebook page, public posts written by visitors are not visible. Swapnil says that Ola’s actions amount to a privacy breach and that it took Ola three weeks to fix the issue.

In a statement to IndianExpress.com, an Ola spokesperson said, “We have been trying to establish contact with the customer who reported this and have not been able to do so. There has been a manual error on the entry of a driver’s device number on our system, which is deeply regretted.”

The statement adds that Ola has fixed the issue “by deleting the number from our database and are putting in place a verification procedure as well to avoid such instances in the future. We value the privacy of our users and will continue to take utmost care in terms of data security on the Ola platform.”

In June, another a hacker group by the name Team Unknown has claimed that they successfully hacked into OlaCabs and managed to get access to sensitive information like credit-card history, vouchers, user behaviour. Ola had denied these claims.

In the post which was shared on Reddit, hackers put out snapshots which showcased credit cards and voucher codes. The hackers said they had not intention of misusing the credit card or voucher codes and had even emailed OlaCabs but had got no response from them.

Ola had stated then, “The alleged hack seems to have been performed on a staging environment when exposed for one of our test runs. The staging environment is on a completely different network compared to our production environment, and only has dummy user values exclusively used for internal testing purposes.”

Advertising

The latest report raises some concerns about the way private data is being handled by Ola.