I’ve never used a ride sharing service such as Lyft, but my wife has used Uber a few times. Never again. Lyft is looking into allegations that employees used passenger data to stalk people & find the phone numbers of celebrities.
It’s a perfect example of what happens when policies aren’t enforced. Lyft has policies in place limiting who has access to personal data and ride-history of passengers, but employees using the anonymous workplace app Blind seem to have blown the whistle. They stated that while policies were in place, enforcement was practically nonexistent.
According to Josh Constine at TechCrunch:
[passenger data] was said to be used to look up ex-lovers, check where their significant others were riding and to stalk people they found attractive who shared a Lyft Line with them. Staffers also could see who had bad ratings from drivers, or even look up the phone numbers of celebrities. One staffer apparently bragged about obtaining Facebook CEO Mark Zuckerberg’s phone number.
I tell you what, my wife isn’t using ride sharing anymore.
Standard Cyber Security Lacking at Lyft
To be honest, one of the biggest culprits here is the speed at which companies like Uber and Lyft hit the big market numbers. The companies really hit onto an idea that was quickly marketable and profitable causing exponential growth.
It’s the kind of growth that kills companies. Their cyber security practices resemble those of a 5-man startup instead of a billion-dollar corporation. They grew so fast, they never had time to develop the more ‘unsexy’ parts of the business. Implementing standard procedures such as separation of duties, 3rd party security audits, and access control could mitigate the potential for passenger spying.
Other Problems to Come?
Lyft’s lack of concern for the protection of its data from unauthorized access is unnerving. If not for the fact that their employees spy on you, for the fact it also means your payment data probably isn’t very well protected from hackers either.
Do you use Lyft? After knowing you could be spied on, would you still use it?