Careem, a ride-hailing startup based in Dubai and operating in 13 countries,
announced on Monday that it discovered a breach in January that affected 14 million users’ data.
The intruder(s) got at customers’ and drivers’ names, email addresses, phone numbers and trip data. So far, Careem hasn’t seen any evidence that passwords or credit card data were involved in the breach.
Careem said that it keeps customers’ credit card information on an external, third-party, Payment Card Industry (PCI) -compliant server that uses “highly secure protocols and is employed by international banks around the globe to protect financial information.”