The personal data of thousands of taxi app users’ in Ireland and the UK was found to be vulnerable after a cybersecurity researcher discovered it was in a non-password-protected database.
Cybersecurity expert Jeremiah Fowler uncovered the risk and reported it. The database contained the names, phone numbers and email addresses of nearly 300,000 taxi users across the UK and Ireland.
The digital record belonged to Dublin-based iCabbi, which is a taxi dispatch platform technology for taxi drivers and passengers.
The discovery, which occurred in January according to a statement from iCabbi, was the subject of an article by Mr Fowler yesterday on the online privacy website vpnMentor.
Mr Fowler said he immediately sent iCabbi notice of his findings and that public access to the database was restricted the next day.
“I imply no wrongdoing by iCabbi, their partners, clients, or customers. I am also not saying the data was at risk or accessed by any other individuals,” Mr Fowler said, adding that “iCabbi acted fast and professionally to secure the data upon receiving my responsible disclosure notice”.
The Data Protection Commission (DPC) reportedly said that it is also aware of the incident, and that it is engaging with iCabbi as a result.