Contact Contact Us

Ride-Hailing Firm Accidentally Reveals Drivers' Email Addresses
TRANSPORT INDUSTRY

Vietnamese company, FastGo, who is a new entrant in Singapore's ride-hailing market has accidentally exposed the email addresses of about 300 drivers. The email gaffe took place when the company requested for the drivers' personal information but failed to use the blind carbon copy (BCC) field to conceal the recipients' email addresses. The exposed email list can become a commodity in underground market places as cyber criminals can use it to distribute malicious spams or conduct targeted attacks if the individuals in the list are of high value. Threat actors can also build an online profile of the target by associating essential personal information gleamed from the Internet with the email address. As many applications and services also use email address as the user login, threat actors can also attempt password spraying attacks to hijack the victim's account.

References:
[1] New Ride-Hailing Firm FastGo Apologises After Accidentally Revealing E-Mail Addresses of 300 Drivers

Ensign InfoSecurity Singapore
30A Kallang Place
#08-01
Singapore 339213

Tel: +65 6788 2882
Fax: +65 6788 3883