January 23, 2018

Main » Uber Paid Hackers to Hide Exposed Data of 57 Million Users

Uber Paid Hackers to Hide Exposed Data of 57 Million Users

23 November 2017

The hacking in 2016 of data on 57 million Uber riders and drivers, unveiled on Tuesday, is among the biggest ever thefts of online users' personal information.

In October of 2016, hackers successfully stole personal information belonging to 57 million Uber customers and drivers. However, the database that was breached did contain names and driver's license numbers of around 600,000 drivers.

The Uber chief executive, Dara Khosrowshahi, who took over in August, said in a blogpost there had been "no indication" trip history, credit card details, bank account numbers or dates of birth were downloaded by the hackers. He was not at the helm when it happened. It may have been because the information was easy for hackers to access on account of Uber's engineers being lax with security online (according to some reports), but regardless, the secrecy around the payout is pretty bad.

The news that ride hailing service Uber has suffered, and covered up, a major hack means that millions of people could unknowingly have had their data put at risk. "At the time of the incident, we took immediate steps to secure the data and shut down further unauthorized access by the individuals", Khosrowshahi wrote in his post.

Khosrowshahi said he had moved proactively to address the issue, firing two of the security staff that led the response to the incident and engaging cybersecurity consultant Matt Olsen to revitalised the company's cybersecurity response plans.

Khosrowshahi said Uber passengers need not worry as there was no evidence of fraud, while drivers whose license numbers had been stolen would be offered free identity theft protection and credit monitoring.

Khosrowshahi says hackers accessed the data through a third-party, cloud-based service.

Attorneys general in at least four US states, Connecticut, Illinois, Massachusetts and NY, said they had launched investigations into the breach. "While I can't erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes".

"This wasn't simply a data breach", Rubin said.

Data protection lawyers at the Leigh Day legal firm said a huge number of claims could be brought against Uber by its customers as a result of the security failing.

Uber admitted that it failed to take the correct actions. The company is also notifying regulators after failing to do so one year ago.

Let's hope 2018 is a better year for them, shall we?

However, more than a fifth (21 percent) of respondents felt that such incidents probably happen all the time and so Uber's situation didn't bother them and over a quarter (27 percent) felt it was annoying but wouldn't stop them from using the service.

Uber has also come under fire over allegations of sexual harassment and a misogyny, culminating in a report from former Attorney General Eric Holder on its workplace culture.

Uber Paid Hackers to Hide Exposed Data of 57 Million Users