At the time, Bykea said it was unaffected by the intrusion because it kept regular backups.
It remains unclear whether this latest breach is related to the hack in September.
Who is Bykea?
Users’ full trip details exposed on the server
Currently, the company offers its range of taxi services in Karachi, Rawalpindi and Lahore.
What was leaked?
The exposed server contained API logs for both the companys web and mobile sites and all production server information.
Users’ full trip details exposed on the server
Trip details
Our team also found Bykeas internal employee login and unencrypted password information on the unsecured server.
This data was also stored on Bykeas database and exposed in the leak.
Customers electric bill payment
Our security team discovered Bykeas vulnerability on 14 November 2020.
Upon contacting the company on 24 November, Bykea responded immediately by securing its database within 24 hours.
About Us
SafetyDetectives.comis the worlds largest antivirus review website.
For a full review ofSafety Detectivescybersecurity reporting over the past 3 years, followSafetyDetectives Cybersecurity Team.
Trip details
Employee login credentials
Customer’s electric bill payment
