Bykea, a widely used ride-hailing, mobility, and delivery app in Pakistan, fell victim to a distressing hacking incident. The Bykea breach, which occurred on 13th June, resulted in users receiving highly inappropriate text messages that left them alarmed and unsettled. Bykea swiftly responded to the situation, apologizing for the offensive messages and taking immediate action to rectify the breach.
Bykea Hacked: Hackers Sent Disturbing Notifications
The incident unfolded when users began receiving offensive language notifications through a compromised third-party communication tool. The first inappropriate message appeared on users’ screens around 12:10 pm, followed by another notification, written in Urdu, roughly 40 minutes later, confirming the app was still hacked.
Bykea’s CEO, Muneeb Maayr, disclosed that the breach originated from a laptop belonging to a Bykea employee in their Karachi office, accessed from outside the country. The compromised third-party tool, lacking two-factor authentication, allowed the hackers to breach the system and gain unauthorized access to the application. However, the name of the compromised tool was not disclosed for security reasons.
Apology Statement
In response to the incident, Bykea released a statement expressing their sincerest apologies for the inappropriate messaging. They confirmed that the breach occurred through a third-party communication tool and reassured users that their app and data remained secure. Bykea encouraged users to reach out to their helpline if they encountered any further issues.
Cybersecurity expert Etizaz Mohsin highlighted the need for product companies to strengthen their security controls to prevent such incidents. He said that implementing robust security measures can significantly reduce the risk of unauthorized access and breaches. Mohsin emphasized the importance of two-factor authentication as an effective security measure.
Bykea assured users that their data remains protected, with only encrypted mobile numbers stored on their platform, while Bank Alfalah manages credit card information. As the situation remains under control, Bykea strives to rebuild trust and reinforce its commitment to user safety and data privacy.
Also read: Data of Naheed’s Online Store Hacked; Sensitive Information Now Available on Dark Web