The Lahore High Court (LHC) on Friday summoned the provincial government, the Pakistan Telecommunications Authority (PTA) and others in a petition filed over the issue of mass data leak from the servers of online cab-hailing service Careem.
During the hearing of the case in the court of Justice Abid Aziz Sheikh, the petitioner alleged that the ride-hailing company stole sensitive data of its customers. Credit card information, email addresses and other user specific information was stolen and sold, alleged the petitioner.
The petitioner added that the data leak is a massive breach of users’ privacy and that federal laws dictated that no information was to be shared with anyone without prior permission. The petitioner added further that with the breach of data, there was a possibility of misuse of credit card information which would be detrimental for customers.
The petition also added that data of millions of users had been compromised and could create problems for them. At this, the court summoned PTA, Careem and the provincial government on the matter.
In a public statement issued on April 23, Careem had said that it identified a cyber incident involving unauthorised access to its system.
“On January 14 this year, we became aware that online criminals gained access to our computer systems which hold customer and captain account data. Customers and captains who have signed up with us since that date are not affected,” the company said.
“While we have seen no evidence of fraud or misuse related to this incident, it is our responsibility to be open and honest with you, and to reaffirm our commitment to protecting your privacy and data.”
Published in Daily Times, April 28th 2018.
