Monday, May 5, 2025
Homecyber securityTaxi App Vendor Data Leak: 300K Passengers Data Exposed

Taxi App Vendor Data Leak: 300K Passengers Data Exposed

Published on

SIEM as a Service

Follow Us on Google News

Around 300,000 taxi passengers’ personal information was left exposed on the internet, causing concern in the UK and Ireland.

Cybersecurity researcher Jeremiah Fowler discovered the breach involving Dublin-based taxi dispatch system provider iCabbi and subsequently reported it to vpnMentor.

Fowler stumbled upon a non-password-protected database containing a wealth of passengers’ personal information (PII), including names, phone numbers, and email addresses.

- Advertisement - Google News

The breach impacted nearly 300,000 individuals whose records were exposed.

The database contained 22,745 records in .csv format, detailing contact information and user IDs of customers primarily located in the UK and Ireland.

Document
Stop Advanced Phishing Attack With AI

AI-Powered Protection for Business Email Security

Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Stopping 99% of phishing attacks missed by other email security solutions. .

The Exposed Data

The breach exposed various email addresses from various providers and private domains. The breakdown of the exposed email addresses includes 117,231 Gmail accounts, 65,060 Hotmail, 17,588 Yahoo, 18,099 iCloud, 12,798 Outlook, and 7,484 Live, among others.

The list also featured email addresses from significant media outlets such as the BBC and government agencies, including the NIH and HM Treasury, highlighting the breach’s potential ramifications.

Data Leak Sample

Upon discovering the breach, Fowler swiftly sent a responsible disclosure notice to iCabbi.

The company reacted promptly, restricting public access to the database the following day.

However, it remains unclear how long the data was exposed or if unauthorized parties accessed the non-password-protected database before the breach was contained.

iCabbi, known for its dispatch and fleet management technology, aims to modernize and manage taxi services, positioning itself as a competitive alternative to ride-hailing companies.

With over one billion bookings registered across 15 countries, the company’s influence in the taxi operation industry is significant.

In 2023, the UK’s taxi operation industry alone was valued at an estimated £8.6 billion, underscoring the potential impact of such a data breach.

As the investigation into the breach continues, the focus will likely shift towards understanding how such a significant amount of sensitive data was left unprotected, and what steps can be taken to prevent similar incidents from happening in the future.

Both passengers and industry stakeholders should prioritize data security and safeguard against cyber threats, making this breach a call to action.

Secure your emails in a heartbeat! To find your ideal email security vendor, Take a Free 30-Second Assessment.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Gunra Ransomware’s Double‑Extortion Playbook and Global Impact

Gunra Ransomware, has surfaced as a formidable threat in April 2025, targeting Windows systems...

Hackers Exploit 21 Apps to Take Full Control of E-Commerce Servers

Cybersecurity firm Sansec has uncovered a sophisticated supply chain attack that has compromised 21...

Hackers Target HR Departments With Fake Resumes to Spread More_eggs Malware

The financially motivated threat group Venom Spider, also tracked as TA4557, has shifted its...

RomCom RAT Targets UK Organizations Through Compromised Customer Feedback Portals

The Russian-based threat group RomCom, also known as Storm-0978, Tropical Scorpius, and Void Rabisu,...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Gunra Ransomware’s Double‑Extortion Playbook and Global Impact

Gunra Ransomware, has surfaced as a formidable threat in April 2025, targeting Windows systems...

Hackers Exploit 21 Apps to Take Full Control of E-Commerce Servers

Cybersecurity firm Sansec has uncovered a sophisticated supply chain attack that has compromised 21...

Hackers Target HR Departments With Fake Resumes to Spread More_eggs Malware

The financially motivated threat group Venom Spider, also tracked as TA4557, has shifted its...