Bykea, a popular ride-hailing, mobility, and delivery app used by Pakistani users across several cities, experienced a security breach on Tuesday. The intrusion became evident when users started receiving inappropriate text messages from the application.
Apology and Assurances from Bykea
In response to the incident, the company said, “We apologize for the inappropriate messages sent through Bykea. We can confirm that this was a third-party communication tool which got compromised.” The company quickly took steps to address the situation and assured users that the app had been restored and was now “fully functional and safe to use.”
To support users facing issues due to the breach, Bykea also reminded them to reach out via their helpline.
Investigation and Measures Taken
Rafiq Malik, the Chief Operating Officer (COO) of Bykea, said that the company had started an investigation into the security breach with the implicated vendor. The investigation focuses on determining how the perpetrators “accessed” the Application Programming Interface (API). Malik reassured users, saying, “Tokens have been changed, and APIs have been disabled for now. The app is safe to use.”
Bykea, available in Rawalpindi, Islamabad, Karachi, Lahore, and Wah, is a widely used service in Pakistan, with approximately 100,000 daily users and over five million downloads on Google Play Store.
The incident underscores the importance of robust digital security measures in an increasingly interconnected world.
