This is from Careem’s official website and it’s some serious shit:

On January 14th of this year, we identified a cyber incident involving unauthorised access to a system we use to store data. Our team immediately investigated this, working with an external cybersecurity firm to put in place measures to protect our customers and captains, and to ensure that our service and your lives were not disrupted. As online criminals’ methods and tactics continue to evolve and become ever more sophisticated, it is our duty to meet these threats. We are increasing our online security efforts to ensure that we can continue to empower people across the region, especially the millions of captains and customers who depend on Careem to earn a living and get around.

What customer account data was stolen? Customers’ name, email address, phone number and trip data.

I find it weird that we were only notified three months later of the attack especially that customers’ names, email addresses, phone numbers and trip data were stolen. According to Gizmodo, we’re talking about data belonging to 14 million riders and drivers. Luckily, Careem said that it discovered no evidence that passwords or credit card information had been breached but it’s advised to change your password and check your bank statement for any fraudulent transactions.