430k Cabify drivers’ records stolen, hackers claim

Published: 17 November 2025
Last updated: 19 November 2025
revenge on hackers
Image by Cybernews

The allegedly stolen details include a wide range of personal information, ranging from home addresses to Facebook account IDs. Researchers believe exposed drivers could be targeted in social engineering attacks.

The attackers announced the alleged breach on a popular data leak forum, one of many underground marketplaces that are often used to publicize and sell stolen records. According to the data thieves, the database contains over 430,000 records taken from Cabify, a popular Spanish ride-hailing platform.

Headquartered in Madrid, Cabify operates in Spain and Latin American countries, including Colombia, Argentina, Peru, Uruguay, and others. The Ibero-American company reported revenues approaching $900 million last year.

ADVERTISEMENT
Cabify data
Attackers' post on the data leak forum. Image by Cybernews.

We have reached out to the company for comment and will update the article once we receive a reply.

Meanwhile, the Cybernews research team investigated a data sample attached to the post. According to the team, the database appears to include information about Cabify drivers. The allegedly exposed details include:

  • Full names
  • Home addresses
  • Email addresses
  • Phone numbers
  • Facebook account kit IDs
jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Follow us

“The exposed information creates ample opportunity for attackers to employ social engineering tactics against exposed individuals. Facebook account kit IDs could help attackers to identify people online,” our team explained.

Cabify drivers’ personal records, coupled with indications of their online presence, enable attackers to target exposed individuals with scams and identity theft. For example, attackers could attempt to impersonate Cabify or other legitimate ride-hailing services to trick exposed individuals into clicking on malicious links and downloading malware.

Other misuse instances could include black market sales, as identity packages are a valued item on the dark web. Malicious actors can use details to bypass verification processes or even hijack accounts to use ride-hailing services illegitimately.

ADVERTISEMENT

Unlock more exclusive Cybernews content on YouTube

Share
Post
Share
Share
Share
Español English Português (BR) Français Niederländisch Deutsch Italian (IT)
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked