Uber Concealed Massive Hack that Exposed data of 57m Divers and Users
Uber concealed a massive global breach of the personal information of 57 million customers and drivers in October 2016, failing to notify the individuals and regulators, the company acknowledged on Tuesday, quoted by The Guardian.
Uber also confirmed it had paid the hackers responsible $100,000 to delete the data and keep the breach quiet, which was first reported by Bloomberg.
“None of this should have happened, and I will not make excuses for it,” Uber chief executive Dara Khosrowshahi said in a statement acknowledging the breach and cover-up. “While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes.”
Hackers stole personal data including names, email addresses and phone numbers, as well as the names and driver’s license numbers of about 600,000 drivers in the United States. The company said more sensitive information, such as location data, credit card numbers, bank account numbers, social security numbers, and birth dates, had not been compromised.
In his statement, Khosrowshahi said the company had “obtained assurances that the downloaded data had been destroyed” and improved its security, but that the company’s “failure to notify affected individuals or regulators” had prompted him to take several steps, including the departure of two of the employees responsible for the company’s 2016 response.
Uber chief security officer Joe Sullivan was one of the two employees who left the company, Bloomberg reported.
The company’s failure to disclose the breach was “amateur hour”, said Chris Hoofnagle of the Berkeley Center for Law and Technology. “The only way one can have direct liability under security breach notification statutes is to not give notice. Thus, it makes little sense to cover up a breach.”
Under California state law, for example, companies are required to notify state residents of any breach of unencrypted personal information, and must inform the attorney general if more than 500 residents are affected by a single breach.
“The hack and the cover up is typical Uber only caring about themselves,” said Robert Judge, an Uber driver in Pittsburgh, who said he had yet to receive any communication from the company. “I found out through the media. Uber doesn’t get out in front of things, they hide them.”
Uber said in a statement to drivers that it would offer those affected free credit monitoring and identity theft protection.
According to Bloomberg, the breach occured when two hackers obtained login credentials to access data stored on Uber’s Amazon Web Services account. Paul Lipman, CEO of cybersecurity firm BullGuard, said that holding that the fact that the data was being stored unencrypted was “unforgivable”.
“That’s just a complete misstep from an information security viewpoint,” he added.
The New York state attorney general’s office has opened an investigation into the data breach, a spokeswoman confirmed.
Clear Skies and Warmer Temperatures Expected in Bulgaria on October 8
On October 8, Bulgaria will experience mainly sunny weather
Over 300 Fatalities in Bulgarian Road Accidents Since Start of 2024
Since the beginning of the year up to September 30, nine children between the ages of 0 and 17 have died in traffic accidents in Bulgari
Greek Researchers Join Bulgarian Expedition to Antarctica, Thanking Their Hosts
Greek scientists have expressed their gratitude to Bulgaria for including them in an upcoming expedition to Antarctica
Clear Skies Dominate Bulgaria's Weather with Isolated Showers in the East
Monday's weather will be mostly sunny, with the possibility of rain showers in parts of Eastern Bulgaria
Shifting Perspectives: Why Affluent City Dwellers Are Ditching Their Cars
A recent report from consulting firm Arthur D. Little highlights a trend where wealthy individuals in urban areas are increasingly abandoning their cars
Strong Winds and Rain Expected Across Bulgaria This Weekend
Overnight and into tomorrow, widespread precipitation is expected, with more intense thunderstorms in Western and Central Bulgaria