T-Mobile's rideshare advertising network, Octopus Interactive (Play Octopus) sent an e-mail out to drivers on Thursday afternoon after stating that drivers may have noticed that the driver dashboard was unavailable due to maintenance.
The Play Octopus tablet is pretty popular among drivers since Uber and Lyft drivers can sign up for a free tablet, drive around, and earn advertising revenue. This is popular among riders because they get to play games with a chance to win cash prizes.
The e-mail sent on June 30, 2022, was sent to all drivers who have the Play Octopus tablet and notified drivers if they had been breached or not. It claimed that this was "an isolated security threat and [Play Octopus) immediately shut the dashboard down for maintenance and further investigation." and that the issue had been resolved.
It is unclear if any rider's or advertisers' information/accounts had been compromised and the e-mail is pretty vague. However, they listed some of the "security features to mitigate risk moving forward."
Some of the changes include:
- Two-Factor Authentication (code sent to the driver's phone when logging in)
- Auto-log-outs after a period of inactivity
- An additional code will be sent to the driver's phone when they try to cashout
- A cooling period will require a driver to wait 24 hours after changing the direct deposit method on file before being able to cash out.
These are pretty basic changes that were much needed and really point to a bad actor cashing out drivers' earnings during the security breach. We have not received any e-mails regarding the breach from an advertiser or rider, but if you fall in this category, feel free to contact us.
We have reached out to Play Octopus for comment and will update you if we hear back or receive any additional information.
T-Mobile acquired the rideshare advertising network in January of 2022 and claim's to be "The world's largest rideshare advertising network".