Ounass ‘glitch’ exposed customer bank details, addresses

The UAE online shopping platform owned by Al Tayer Group denied a data breach

Lubna Hamdan 1 Min Read

Some customers shopping on e-commerce platform Ounass have had their personal data compromised in an incident the company has called a “glitch”. 

Shoppers on the platform’s app reported access to other customers’ names, addresses, email addresses, phone numbers and redacted bank details over the weekend. It is unknown how many account holders have been affected.

Twitter user @SarahJBahar said on Saturday she was able to “access personal data, baskets and Amber loyalty points for 4 customers and counting… Someone has AED45k worth of goods in their basket with bank card details saved in the app.” 

Another user, Budoor AlBudoor, reported the same.

“Same here and the fact that they’re aware of the glitch but still pretended in their email like they don’t know what I’m talking about and wanted screenshots…” she tweeted.

While some customers said on Twitter the incident is likely to be a data breach, Ounass’ customer care account denied the claims.

User Rachel McArthur said, “This is definitely a data breach, and their passive-aggressive responses to you are not helping their cause,” to which Ounass replied, “It is not a data breach. We are not giving away customer’s passwords. It is indeed a glitch where you can see a different email address on account. And we will work on this issue immediately.”

It added, “We apologize for the glitch incident on our App and this will be solved as fast as possible”.

Frankly has reached out to Ounass for a comment.

The luxury e-commerce retail platform was launched by one of the UAE’s largest holding companies, Al Tayer Group, in 2016. It is widely popular for its 2-hour express delivery service.