Thaihub, a known threat actor, has successfully infiltrated a database allegedly belonging to Rapido, compromising the personal and critical information of 153,954 customers.
The affected firm is an India-based bike taxi aggregator and logistics service provider. This compromised company was founded in 2015 and currently operates in over 75 cities nationwide.
According to our iZOOlogic researchers, the purported leaked information includes full names, titles, email addresses, work and mobile phone numbers, and other contact details.
The leak also includes Twitter handles, company details, addresses, time zones, languages, tags, and biographical data. However, the exact tactic by which the threat actor breached the firm’s database is unknown.
This detail implies that the company is still investigating the alleged attack before confirming any speculation about its true nature.
Thaihub published the supposed Rapido stolen data on BreachForums earlier this month.
Our researchers initially observed this data leak on the notorious dark web marketplace BreachForums, where a threat actor named Thaihub claimed that Rapido owned the leaked data.
The leak also indicates that the publisher offered the database on February 6, 2025. Still, the legitimacy of these claims is unconfirmed, as the affected company has yet to release a statement that addresses the incident.
Our researchers also pointed out that the threat actor is not demanding any payment from the affected firm. Instead, the actor is actively selling the database for $99 on the illicit platform.
This information from the dark web posting may have caught the company off guard since, unlike many other data breaches, this attack does not involve ransom demands. As of now, the claims will not gain traction unless the compromised firm confirms their authenticity or further investigation proves that the leaked data is, in fact, owned by Rapido.
Our research team advises organisations to prioritise implementing competent security measures, including consistent monitoring and security audits. These countermeasures could significantly contribute to preventing or mitigating similar attacks.
Customers should remain cautious and take precautions to protect their personal and professional data from exploitation.
