Home BreakingMassive breach and cover-up: Uber paid hackers to delete stolen data of 57m people

Massive breach and cover-up: Uber paid hackers to delete stolen data of 57m people

by
22nd Nov 17 9:02 am

The ride-sharing firm paid $100,000 to hackers to keep breach quiet

Uber concealed a massive cyberattack and breach of personal data of 50m users and 7m drivers in October 2016, and also failed to notify the individuals and regulators.

The New York Attorney Generalโ€™s office said it had opened an investigation into the data breach, in a sign of the legal reckoning that Uber could face from regulators around the world over its handling of the incident.

Read related story: Big Data in safe hands? China planning carrot-and-stick policy to create โ€˜sincerityโ€™ culture among citizens

The companyโ€™s former chief executive Travis Kalanick knew about the breach over a year ago, states Bloomberg which first broke the news.

The ride-sharing firm confirmed yesterday that it had paid the hackers responsible $100,000 to delete the data and keep the breach quiet.

The data includes names, email addresses and mobile phone numbers of users and driverโ€™s license numbers of about 600,000 drivers in the United States. The company said more sensitive information, such as location data, credit card numbers, bank account numbers, social security numbers, and birth dates, had not been compromised.

Uber has also stated to drivers that it would offer those affected free credit monitoring and identity theft protection.

โ€œNone of this should have happened, and I will not make excuses for it,โ€ Uber chief executive Dara Khosrowshahi said in a statement acknowledging the breach and cover-up. โ€œWhile I canโ€™t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes.โ€

Khosrowshahi also stated that the company had โ€œobtained assurances that the downloaded data had been destroyedโ€ and improved its security, but that the companyโ€™s โ€œfailure to notify affected individuals or regulatorsโ€ had prompted him to take several steps, including the departure of two of the employees responsible for the companyโ€™s 2016 response.

According to Bloomberg, the breach occured when two hackers obtained login credentials to access data stored on Uberโ€™s Amazon Web Services account.

Leave a Comment

CLOSE AD

Sign up to our daily news alerts

[ms-form id=1]