Dog daycare business in Dubai says client details stolen in data breach

Client details have been stolen from a popular dog daycare centre in Dubai, the company said. Petsville, in Al Quoz, which offers boarding, daycare and grooming for pets, said the information was taken in a data breach. The client details were passed to a rival boarding service, which approached pet owners for business, it said. Owner Amr Youssef said his company emailed customers about the data theft and took legal advice before filing a criminal complaint to Dubai Police. He declined to name the rival company while investigations are ongoing. He suspects it was a former employee rather than a hacking incident. “We were alerted to the issue by several of our customers,” Mr Youssef said. “They showed us messages they had received from another facility, naming them, their dog and its specific details asking to come in for a tour to promote their business. “It is a very competitive industry, which we accept is good, but this was different and unethical. “Data was stolen and passed to a competitor to the detriment of our business.” Several daycare services operate in Dubai and offer indoor and outdoor facilities. Business has soared since the start of the pandemic because many people bought or adopted animals. Pet owners are now seeking daycare services as they return to their places of work. Kennels typically charge up to Dh100 a day for boarding. One Petsville customer, who did not want to be named, said he was approached by a rival centre offering services for his chocolate Labrador. “I received a text message saying a new boarding facility had opened and if I would be interested in transferring my dog over,” he said. “I know at least four other people who received the same message. It personally named me in the message, which was surprising as I had not given them my number. “I have been using Petsville for about 10 months and didn’t even know this other place existed, so it was strange.” Data protection and cybersecurity laws in the UAE prohibit the disclosure of client details and information without authorisation to do so. Federal Law No. 5 to combat cyber crime criminalises acts such as hacking – gaining unauthorised access to computer systems and information. But no financial information was leaked from Petsville’s customer database. Because many of Petsville’s customers are European, the EU’s General Data Protection Regulations could also have been breached in the data leak. The bloc’s rules on data protection aim to cut red tape for businesses across the continent and protect the rights of member states’ citizens. “EGDPR covers European citizens living abroad, so this data breach could be an issue under that legislation,” said Andrew Laity, a UAE data protection expert and marketing consultant. “Personal details are classified as sensitive information, and there are different hierarchies within that. “Healthcare information and financial records are at the top tier, but this could also be serious as it includes personal identifiable information. “In terms of UAE law, this essentially falls under a data breach from someone who has tried to profit.” Telecom provider Etisalat protects businesses by clamping down on unsolicited marketing messages and spam. On May 5, the company released updated instructions to govern and curb unsolicited marketing communications in the UAE for more than 300,000 small, medium and large enterprises. New regulations restrict promotional text messages to be sent only between 7am and 9pm, with a compulsory opt-out footer enabling customers to disable messages. Business operators using Etisalat services must obtain and store all verified consent and clearly define promotional or transactional material. All spam complaints should be responded to within 24 hours and a function added to allow for blocking promotional traffic.

Dog daycare business in Dubai says client details stolen in data breach

Following the apparent data theft, which was reported to Dubai Police, Petsville customers received unsolicited marketing