Bicycle-sharing operator oBike is reviewing the security of its app, following a leak that affected its users' data in 14 countries
oBike reviewing app security after international user data leak Bike-sharing company oBike is reviewing the security of its app following a leak that made unencrypted user data available online. ST PHOTO: KUA CHEE SIONG

Bicycle-sharing operator oBike is reviewing the security of its app, following a leak that affected its users' data in 14 countries.

Bavarian news agency BR24 reported last week that data such as unencrypted oBike user data - like names and ride location - were accessible online.

A spokesman for the Singapore-based firm said it was made aware of the issue two weeks ago, and worked quickly to resolve it immediately. He added that it affected only a handful of users.

"As (we are) a tech company, users' data and security are of paramount importance to us," he said, adding that credit card details and user passwords were not stored in the app and were not leaked.

The leak resulted from a gap in the oBike app's application programming interface (API) that allowed users to refer their friends to the firm's services.

"We have since fixed the loophole by disabling the API and created additional security layers," the spokesman said, adding that the systems were now fully restored and secure.

"We are relooking the sharing and security functions of the app, to ensure that no further user data is compromised."

oBike rolled out its bikes in Singapore in January and has since expanded to other cities worldwide such as Melbourne and London.