Early on Tuesday last week, one of the leading lights of Pakistan’s startup ecosystem became the centre of an embarrassing but seemingly harmless hacking incident. At 12:01 PM in the afternoon several Bykea users received a pop-up notification from the application.
Hackers had breached a third party application and sent two obscene and abusive messages to users as a nationwide app notification. The incident ignited a firestorm of jokes and mockery on social media, with rival companies joining in on the fun. Bykea quickly bounced back from the attack by the end of the day, and affirmed that no personal data was leaked.
But this was not a joke. It was a not so pleasant trip down memory lane for both users and tech companies alike. However, the incident did show that Bykea had learned from the mistakes of those before them, by only having an ancillary part of their business affected. Had they stored sensitive user data on their app’s domain and had that been compromised, the incident would’ve been a lot more serious. But what about other companies? Have they learned their lessons too? And will they be as lucky when hackers strike again?
Let’s start with what happened at Bykea last Tuesday.