Carge, the charging app for electric cars born from a startup, & egrave; in trouble. Between the evening of August 20 and the night of August 21, several charges were made communicated by Stripe, the digital payment system on which the application relies, also unduly withdrawing figures very important from your users' accounts … including myself:
The withdrawal, in the face of the obvious inactivity of the service, is was then accompanied by the official receipt email complete with a message full of racial insults to increase the dose and to hypothesize a hack against the company or the payment system :
Spread in Italy thanks also to the word of mouth of some groups dedicated to mobility ; that had initiated discounts through the app, Carge promised (and still promises) to be able to recharge while roaming through various operators at rates that are often lower than the official ones . A few examples? Enel X in alternating current at 0.32 & euro;/kWh instead of the classic € 0.40, Enel X in direct current at € 0.36; instead of 0.50 & euro; and IONITY at 0.65 & euro;/kWh instead of the official rate of 0.79 & euro ;.
Withdrawals were triggered on the accounts of different users, so much so that in the groups dedicated to mobility; electrical are many to show screenshots with attempts (successful or unsuccessful depending on the type of credit card used) of embezzlement of sums up to three zeros .
Shortly after what appears to be a full-fledged attack, probably exploiting an app security flaw, Carge's emails arrived with the reversal of the transaction . There remains the problem of the timing of the repayment : the $ 300 withdrawn from my account, for example, are still dispersed in the ether, waiting to understand when the liquidity; may & agrave; return available on my account.
Also, at the moment, the account is inaccessible , making it impossible to delete your credit card details except by contacting a customer support flooded with requests.
We already have; asked for a statement from the company and we will update the article. While waiting, one of the questions that need to be answered is: what other sensitive data has been compromised?
Update at 9:30 – With an automatic email to all customers, CEO and co-founder Lefteris Karabatsakis announced that all payments have been refunded thanks to the support of Stripe and sar & agrave; released a second email with the explanation of why & eacute; this happened. At the moment the company ensures that credit card details have not been stolen and that all future payments have been blocked for security reasons.
being updated
A computer inside a smartphone? Motorola Moto G100, on offer today from Amazon Marketplace for € 445 or from Amazon for € 489 .