Uber’s major competitor in India, Ola cabs suffered a security breach after being hacked by a hacker group called Team Unknown. The hacker group then posted on Reddit that they were able to access the company’s database and went as far as posting the company’s database that included the user details including credit card transaction history and unused vouchers.The hackers proceeded to share a post on the Olacabs.com website with the header “OLACABS.COM Hacked!!”
Their Application design is very poor and their development server is weakly configured. The hack was a little tricky and involved many steps to get to the database. Once we got to the database it was like winning a lottery. It had all the user details along with credit card transaction history and unused vouchers. The voucher codes are not even out yet. Its obvious that we wont be using credit card details and voucher codes.
The firm has since vehemently denied the claims stating there was no security lapse, whatsoever to any user data. It also stated that the only values posted from the hack were seemingly performed on a staging environment when exposed for one of Ola’s test runs. Screenshots of the hack posted on Reddit show MySQL codes which can retrieve any information the hacker wants from Ola database. Below are images posted on Reddit showing the hack.