Recent allegations of a data breach have sent shockwaves through the popular Sri Lankan ride-hailing platform, PickMe. The alleged breach, which first came to light in August, is reported to have exposed data from the year 2020, impacting around 4 million customer records.

The leaked data reportedly contains a trove of sensitive information, including approximately 1.8 million email addresses, 2.8 million unique phone numbers, and about 1.4 million hashed passwords. Perhaps even more concerning is the claim that the breach may extend to other critical data, including credit card details, as indicated by sample data disclosed by the party responsible for the leak.

In response to these allegations, PickMe has issued a statement, assuring its commitment to data security and swift action to address the situation. The statement reads, "We've taken swift actions to investigate these allegations thoroughly, in line with our rigorous data protection measures. We remain dedicated to safeguarding your data. Thank you for being part of our journey."

The ride-hailing platform categorically denies the data breach claims and takes the opportunity to highlight several security measures already in place:

1. Tokenized Credit Card Information: PickMe emphasizes that it never stores credit card information, utilizing tokenization for enhanced safety.

2. SMS OTP Login: To bolster security, PickMe has recently upgraded its login system to include SMS OTP (One-Time Password) verification.

Despite these reassurances, the data breach allegations have caused concern among PickMe users and the broader public. Many are closely monitoring the situation as investigations into the breach continue.