The Olacabs hack has surfaced with the news that credit card information along with other sensitive data has been hacked. This comes close on the heels of the Uber taxi service in Delhi that was under the question for security reasons in the last month of the last year.
As far as the olacabs hack is concerned, the hacking was the brainwork of a group called TeamUnknown. Though understandably Ola has refuted the reports that nothing like hacking took place, TeamUnknown was smart enough to post the ‘proofs’ on social networking site Reddit.
The ‘Unknown Team’ has come out with a brief history of Olacabs in the post on Reddit. However, what’s more important is the details they posted about the Olacabs hack.
According to them, the app design is of poor quality and also isn’t properly configured on the server – weekly configured. There were also the details of credit cards along with the transaction history of the users.
Like a Good Samaritan, TeamUnknown has said that they won’t be using any data or exploiting any card details. They also added that there were also lots of unused voucher codes as well and getting all the data was nothing less than like winning a lottery.
Mocking Olacab’s Security
TeamUnkown spoke about the Olacabs hack saying that they won’t be taking any disadvantage of the ‘lottery’ they got. However, the team didn’t have a good taste of the security levels of Olacabs. The last line of the post on Reddit was ‘I am sure OLA might be having a security team of their own. Not that good it seems’.
What the Snapshots Say
The snapshots denote that TeamUknown has access to the email address of the employees. There are email ids of the users and contact numbers too. The screenshot posted here shows the MySQL codes, which makes it possible to recover any sort of info the hacker wants from the database.
The Olacabs hack is not too far from the hacking of Gaana – the music streaming service in India. It has around 10 million users. It is assumed that this hacker in question came from Pakistan by the name MakMan. He also posted about the hack on his FB page. It felt as if there was the entire database of the users with personal details.