Skip to main content

SWVL Exposed: Hackers Gain Access to User Information

N

Nyakundi Report

Newsroom 2 min read

This archive report was first published on 8 July 2020.

On July 3, 2020, ride-hailing app SWVL suffered a large-scale security breach, exposing user information including identities, passwords, emails, and recovery information.

According to a notice by SWVL, the company became aware of the unauthorized access to its system on July 3, 2020. The investigation into the breach is still underway, but it has been confirmed that the compromised data includes names, email addresses, and phone numbers.

SWVL assured customers that passwords and credit card information were not affected. However, the company advised customers to change their passwords on the app and on any other site where they had used the same.

Research shows that people tend to have similar passwords for their online accounts, which means that a breach of this magnitude has the potential to expose security not just on SWVL but also on other apps.

SWVL's hack is not the first time a ride-hailing app has been breached. In 2016, Uber was hacked, and information belonging to 57 million riders and drivers was accessed, including names and driver's license numbers.

Yahoo also experienced multiple data breaches between 2013 and 2016, affecting three billion accounts. A security researcher found an unprotected server with a database containing 419 million phone numbers belonging to Facebook users.

SWVL has appointed a new general manager, but the company's recent hack raises concerns about the security of its systems.

Be the first to react

Support

Support this reporting

M-Pesa support recorded against this story.

Send support →

Stay close

Get the briefing

Major updates by email. No spam.

Get email brief →

Share

Save share card

Download a clean portrait card for sharing.

Save image →