Nearly 300,000 taxi passengers‘ personal data was left vulnerable online, sparking concerns across the UK and Ireland. Cybersecurity researcher Jeremiah Fowler uncovered the breach involving iCabbi, a Dublin-based taxi dispatch system provider, and promptly alerted vpnMentor. Fowler stumbled upon an unprotected database containing a plethora of passengers’ personal information, including names, phone numbers, and email addresses, affecting nearly 300,000 individuals primarily in the UK and Ireland.
The exposed data included a breakdown of email addresses from various providers and private domains, such as Gmail, Hotmail, Yahoo, iCloud, Outlook, and Live, among others. Notably, email addresses from prominent media outlets like the BBC and government agencies such as the NIH and HM Treasury were also compromised, highlighting the widespread impact of the breach. Upon discovery, Fowler promptly notified iCabbi through a responsible disclosure notice, prompting the company to restrict public access to the database the following day.
However, questions linger regarding the duration of the exposure and whether unauthorized parties accessed the non-password-protected database before the breach was contained. iCabbi, renowned for its dispatch and fleet management technology, aims to modernize and streamline taxi services, making it a significant player in the industry with over one billion bookings registered across 15 countries. As investigations into the breach continue, stakeholders are urged to prioritize data security and take proactive measures against cyber threats to prevent similar incidents in the future.
