Uber has revealed that it was subject to a significant data breach in 2016. The personal details of as many as 57 million customers and drivers were taken.
Uber has said that the stolen data included the email addresses and phone numbers of 50 million Uber customers from around the globe. The personal information of about 7 million drivers was taken too. According to the company 600k US driver’s license numbers were stolen. They have also said that no social security numbers, credit card information, trip location details or other data like were compromised.
Perhaps more shockingly the company was aware of this breach and actually paid off the hackers to keep them quiet. A pay off of $100k was authorised by senior staff at the time and two senior employees, including the chief security officer and a junior colleague, have since been fired.
Dara Khosrowshahi became the CEO of Uber in September and said: “None of this should have happened, and I will not make excuses for it. We are changing the way we do business. At the time of the incident, we took immediate steps to secure the data and shut down further unauthorized access by the individuals. We also implemented security measures to restrict access to and strengthen controls on our cloud-based storage accounts.”
The most troubling aspect of this incident is the cavalier approach Uber has taken to fostering trust. The paid for cover-up is worse than the initial hack. And when they now say that no credit card details were stolen, for instance, what reason is there to trust that statement? It is also astonishing that they have treated their drivers and their data in such a dismissive manner.
Hacks happen. But it’s how a firm deals with them that counts and, although this isn’t the biggest hack of recent years, it is certainly one of the most troubling.
One Response
i was still on the fence regarding Uber. it has its pros and cons.
however this isn’t the first time i’ve seen major shortfalls in their ethics as a company, or their respect for people using the company.
remember ‘God mode’? Uber can track you everywhere, anywhere, at any time, whether you’re in an Uber or not. they just follow you round the place because they can. they were quite proud of showing this toy off to random people that came into the office. “Hey want to find out what your ex is up to? if she has a Uber account we can track her phone right now”.