An anonymous hacker group has claimed to have hacked the database of taxi aggregator Ola, saying it has gained access to sensitive information. Going by the name ‘TeamUnknown’, the group claims to have hackeds user details, credit card transaction history and unused vouchers.
On a Reddit thread on Sunday, the group posted saying, “Their (Ola Cabs) application design is very poor and their development server is weakly configured. The hack was a little tricky and involved many steps to get to the database.
Once we got to the database it was like winning a lottery. It had all the user details along with credit card transaction history and unused vouchers. The voucher codes are not even out yet.” In March this year, an Ola user had posted online as to how he was able to recharge his wallet multiple times using the same order ID.
Ola on Monday issued a statement saying there has been no security lapse whatsoever to any user data.
“The alleged hack seems to have been performed on a staging environment when exposed for one of our test runs.
The staging environment is on a completely different network compared to our production environment, and only has dummy user values exclusively used for internal testing purposes. Security and privacy of customer data is paramount to us at Ola,” it said.