Got a recycled number and now I'm seeing someone else's account on Ola

wizzlesticks on 02/05/2020 - 15:53
Last edited 02/05/2020 - 16:54

TLDR: Got a recycled number which has given me the ability to use someone else's credit card on Ola.

Today I got a brand new phone (Android based), and activated my prepaid Optus SIM. The first thing I wanted to do is sign up for a new Ola account using an Ozbargain referral link, so I did, and installed it without issue.

Here's where it gets strange. When I opened the app for the very first time, it asked whether I wanted to proceed with number or sign in to a Google account. I chose to use my number, and got the verification SMS which automatically signed me in. And the very first thing to pop up on the Ola app was to rate the last ride (taken August 2019)!

I thought what the heck, this must be someone else's account, even though I got a brand new phone number (not ported). And since I couldn't exit out of the rating view without selecting a star rating, I instead chose to select support and send customer service a message. To make matters worse, when I typed over the email address that was already pre-populated, it didn't accept my message because my email wasn't the registered email.

I tried using a desktop device to sign in, and that worked, but got the same issue in not being able to send a support request without leaving someone else's email in that field. The worst part is, that person's credit card info is still in the app. Even though I can't see it in full, it's there.

I'm thinking this is a pretty severe data breach issue and want to escalate this, but it's impossible to reach Ola through the app for the reasons mentioned above.

Mobile

Related Stores

Ola Australia
Ola Australia

Comments

  • oscargamer on 02/05/2020 - 16:11

    How long have you had your phone number? If it's only been a short time, then the number had been recycled. If you've had it since before August 2019, then it's weird.
    Not sure it had anything to do with the handset. Just the phone number.

    • wizzlesticks on 02/05/2020 - 16:18

      The phone number was issued and activated today. It's less than two hours old.

        • wizzlesticks on 02/05/2020 - 16:27
          +7

          Yeah, this was all explained in my post.

          Issue is concerning the data breach.

          • oscargamer on 02/05/2020 - 16:45

            @wizzlesticks: Ok.

            What data do you have of this other person? Or do you only think the cc data is there?

            • wizzlesticks on 02/05/2020 - 16:51
              +1

              @oscargamer: Their name and email, all previous ride history (likely to and from their home address), as well as being able to request rides using their credit card info. It's not hard to see this is an issue.

              EDIT: Obviously their cc info is partially concealed, but it doesn't prevent me from charging a ride to it.

                • wizzlesticks on 02/05/2020 - 17:53
                  +4

                  @oscargamer: Never asked that. Just complained that I couldn't get through to Ola to explain the issue.

                  I thought the forums might find this interesting. Lighten up a bit please.

                  • lew380 on 03/05/2020 - 16:52

                    @wizzlesticks: Surely there is a way to contact ola and get them to reset your number? even if you just call them and explain the problem, they are clearly entirely unaware and you wont be the first, or last user to experience the problem!

                    It's noble of you not to abuse the system and take a ride!

                    • trapper on 13/05/2020 - 11:30

                      @lew380:

                      It's noble of you not to abuse the system and take a ride!

                      Noble? It would be a crime if he did that.

                • Ryanek on 03/05/2020 - 09:36

                  @oscargamer: Lighten up mate, sheesh.

              • whooah1979 on 02/05/2020 - 17:43
                -2

                @wizzlesticks: This sounds like the tracking app the government wants Australians to download.

                • [Deactivated] on 03/05/2020 - 13:24
                  +1

                  @whooah1979: Nah the government app would be much better made with fewer security flaws.

  • pmdg777 on 02/05/2020 - 16:14
    +2

    book some free rides

    • [Deactivated] on 03/05/2020 - 00:34
      +4

      You condone stealing. Bravo.

      • gooddealmate on 03/05/2020 - 09:32
        +1

        Ola would most likely end up paying for them as it's their stuff up.

        Not that that is an excuse though.

  • ashdays on 02/05/2020 - 16:24

    Looks like you've got a recycled number.
    If you like the number then use Android feature to block any unwanted calls.

    If you are not happy then request a new number. Your handset seems fine

  • pingualien on 02/05/2020 - 16:39
    +3

    you hit the jackpot, you actually get unlimited free rides

    • wizzlesticks on 02/05/2020 - 16:41
      +1

      Even if I was dishonest and did that, I'm sure the receipts would be sent to the previous owner's email.

      • CheapieChippie on 02/05/2020 - 17:27
        +2

        Could be someone who is deceased as well. Don't want the ghosts coming after you. If you believe in that stuff. x_X!!!!

        Usually when you choose a nice looking number, e.g. from Amaysim. It's usually from a deceased more often than not… I always leave the number activated on a PAYG plan and let the calls ring out with a new voicemail message, for at least half a year before using it. In this period you also find out what services were connected to that number.

        Been there.

  • ausmechkeyboards on 02/05/2020 - 17:04
    +2

    There's a lot more you could have access to. Try download Viber and Telegram, maybe even WhatsApp.

    It sucks but that's the state of consumer tech in 2020.

  • CheapieChippie on 02/05/2020 - 17:22
    +1

    This is quite common. If I recall there are several companies that retain data many years after the customer has stopped services.

    I've had someone's GIO insurance connected to my new number.

    There needs to be legislation designed to prevent this. How to implement it may be challenging as if we introduce limits on inactivity. People might unnecessarily lose accounts, but that shouldn't matter in cases where it is provisioning of services rather than retaining useful information like an email provider.

    I think we should lobby for changes. This is absolutely not good. Literally got an SMS stating similar to "Sam your renewal is up for direct debit soon".

    To look at it another way:

    It's not going to inconvenience anyone if their OLA or UBER account is disabled after a few months inactivity. It literally takes seconds to signup again. Why don't we have rules around this?

    • wizzlesticks on 02/05/2020 - 17:48
      +3

      What would help is if there was a time limit on reusing recycled numbers. EG 24 month minimum before a number can be reused. It wouldn't completely fix the problem, but would at least give enough time for many services to drop off.

      In Ola's case, this has exposed a flaw in their sign up process. I could forgive them for sending me text messages, but getting access to someone's personal information and credit card is not acceptable.

      • teardrops21 on 03/05/2020 - 14:33

        Deactivated numbers are only put into quarantine for 40 days before they are available to be reused

  • John Kimble on 02/05/2020 - 17:35

    I know it's for drivers, but surely they can point you in the right direction or pass on your details to the correct team if you contact them and explain the situation to them on the below?

    https://ola.com.au/driver/drivers-guidelines/driver-support-…

  • CC123 on 02/05/2020 - 17:46
    +2

    Contact them via Twitter/Facebook
    I had an issue which failed to be resolved within the app (received an auto-response). Contacted them via Twitter and the issue was resolved within 24 hours

  • AustriaBargain on 02/05/2020 - 17:48
    -1

    I thought what the heck, this must be someone else's account

    You didn't think "wtf", it was really heck?

  • wizzlesticks on 02/05/2020 - 17:50
    +3

    I spend too much time with my great aunt.

  • thatonethere on 02/05/2020 - 18:14
    +1

    I got a phone for my daughter a few years back. Recycled telstra number for a b grade celeb in Australia. Lots of debt collector calls, requests for make-up sessions and invites to nightclub openings….

    • wizzlesticks on 02/05/2020 - 18:23

      Classic!

    • AirbusA389 on 02/05/2020 - 20:15

      who are the A grade celeb?

      those in Canberra?

      • thatonethere on 05/05/2020 - 19:23

        No it was a Melbourne one

    • [Deactivated] on 02/05/2020 - 21:37

      How did you get it to stop?
      We were in a slightly similar situation in that the number we got for our spare phone was 1 or 2 digits away from that of an escort. At first, it was hilarious receiving txt messages from strangers telling me how pretty I was, complementing me on the perkiness of my erm chest area , begging me to come to their state and generally trying to book my services. But it got old pretty quickly and there was not much we could do about it, so we got a new number.

      Edit: That was a couple of years ago . I've just looked her up: she's still advertised on that website with the same phone number that was so close to mine.

      • thatonethere on 05/05/2020 - 19:24

        The debt collectors were easy. I just said you are ringing a 12 yo girl so probably best to stop. They stopped.

        The random booty texts and nite club invites still come in…

    • dan76n on 03/05/2020 - 06:50
      +1

      Seperate thread alone here with a poll for us to guess who it was.
      I’ll start with George Calombaris.

  • bdl on 02/05/2020 - 19:03

    Good luck, Ola's support are hopeless :(

  • DashCam AKA Rolts on 02/05/2020 - 20:42
    +8

    If you can, find the pre-populated email address again, and send the info that you have provided here. They should be able to contact Ola and begin to sort out the Ola issue at least.

    • Ramrunner on 03/05/2020 - 11:03

      Wow real, logical, sensible advice - I must be in the wrong forum!

      • MontyMacaw on 04/05/2020 - 08:47
        +1

        Sometimes the simplest ideas are the best

  • realfancyman on 03/05/2020 - 01:11
    +2

    Always thought it was terrible that Ola use a phone number as the only means of authentication. Needs to be phone number + password

    • Ryanek on 03/05/2020 - 09:38
      +1

      Exactly. Phone should be used for two factor authentication.

  • giftcardinspector on 03/05/2020 - 08:11

    Olas support are useless.
    I changed credit cards and forgot to update Ola. Realised and tried to change it after I'd booked a ride.
    It ended up trying to charge my old card, and kept sending me sms messages to pay the $6 I owed by following a link.
    The link didn't work, it just took me to Olas website. I contacted them multiple times to pay them before I gave up.

  • MontyMacaw on 03/05/2020 - 10:57

    I had a recycled number with crap coming in the way of calls and friends messaging for 2 years!! This was for multiple previous owners of the number. I put up with it thinking it would stop. Then it got worse: debt collectors and even a text from the court telling me I had to turn up for court or else. I contacted the court and yes it was legit!! But not for me.

    Finally went to my phone provider and they gave me an unrecycled number for no charge. They usually charge $50 to change.

    I can see you’re trying to do the right thing but it may just stress you out over time. Call the phone company and get it changed anyway because there may be other crap later on.

Login or Join to leave a comment
Login Join