Bike-sharing oBike is the latest subject of cybercrime activity affecting its users worldwide. A company spokesperson has admitted that the data breach impacted some users in Singapore.
It was first found out the previous week that some personal details and activities of oBike users in the app were accessible online. Data include names and ride locations.
Also read: Around 5,400 Singaporeans affected in AXA data breach
According to a spokesperson of oBike Singapore, they were informed about the data breach two weeks ago and responded immediately to fix the issue. He admitted that impacted users are not as one would expect for a data hacking.
"As (we are) a tech company, users' data and security are of paramount importance to us," reveals the spokesperson, stressing that credit card details and user passwords were not leaked since they are not stored in the app.
Cybercriminals penetrated the app's application programming interface (API) that allows users to refer their friends and family to the service.
"We have since fixed the loophole by disabling the API and created additional security layers," says the spokesperson. We are relooking the sharing and security functions of the app, to ensure that no further user data is compromised."
In November, ride-sharing giant Uber revealed its servers were attacked by hackers in October 2016, compromising the data of more than 57 million riders and drivers worldwide. Even so, Uber noted that there has been no report misuse of leaked details.