Cyber Incident Victim: OLX Group

In August 2015, OLX Group-owned classifieds platform Dubizzle UAE disclosed a security breach affecting a small percentage of its user database. The incident was detected by Dubizzle's internal team, who subsequently notified affected users via email over a weekend, instructing them to immediately change their passwords. The company confirmed unauthorized access to several user accounts and passwords but emphasized that only approximately 1% of its UAE database was compromised. As a standard security protocol, Dubizzle proactively reset all UAE user passwords to contain the breach and prevent further unauthorized access. General Manager Barry Judge clarified that the breached database contained no financial information, credit card details, or plain-text passwords, noting that financial data was encrypted and stored separately on a third-party secure network. The company reassured users that payment systems remained uncompromised throughout the incident.

Dubizzle's response included immediate forensic investigation and infrastructure enhancements following the breach. Security teams applied forensic tools and practices to analyze the incident, though specific technical details of the attack vector were not disclosed. The company issued public advisories urging users who recycled passwords across multiple platforms to change those credentials as well, explicitly warning against password reuse. Judge confirmed ongoing security infrastructure improvements but did not specify the nature of these upgrades. No financial losses or theft of payment information was reported. The incident primarily impacted account credentials for a limited subset of UAE users, with no evidence suggesting broader regional or systemic compromise of OLX Group platforms beyond Dubizzle's UAE operations.