Uber recognises need for consumer trust after breach cover up

Alicia Cross
November 23, 2017

Uber revealed on Tuesday that hackers stole the personal data of 57 million users, declining to announce that it paid the same hackers $100,000 to delete the data and keep things quiet.

Part of the reason nothing malicious has happened is because Uber acknowledges paying the hackers $100,000 to destroy the stolen information.

There are serious legal ramifications for Uber's decision not to immediately disclose the data breach.

In late 2016, people's data was compromised including names, email addresses and phone numbers, the company said tonight.

The names and driver's license numbers for 600,000 Uber drivers in the USA were also stolen, Uber CEO Dara Khosrowshahi said in a statement.

To be fair, this is not th fault of Uber CEO Dara Khosrowshahi, who recently replace Travis Kalanick as the ridesharing company's boss. He was not at the helm when it happened.

"Given the current climate around data security and breaches it is astonishing that Uber paid off the hackers and kept this breach under wraps for a year", said David Kennerley, director of threat research at Webroot. The Uber data breach was concealed by the company for more than a year, according to the report, thanks to efforts by the company's former CSO and another member of the infosec team.

HEADS UP: Amazon Australia Is Officially Opening Its Virtual Doors Tomorrow
Amazon will stock its own labels plus private label brands, with products initially expected to be shipped out of a warehouse in Melbourne.

Iranian Hacker Charged in HBO Hack That Included 'Game of Thrones' Script
He was able to compromise multiple accounts and used them to obtain unauthorized access to the company's network. Mesri is accused of orchestrating a hack of HBO from May to August, then threatening to release stolen data.

Ranveer Singh on 'Padmavati' row: I've been asked not to say anything!
Meanwhile, a complaint has been filed against Suraj Pal Amu in Gurugram for his comments on the actress and over the film. The reasons range from the picturisation of film's song, Ghoomar, to alleging that the film is distorting history.

According to a statement Uber released on Tuesday, two individuals outside the company inappropriately accessed user data stored on a third-party cloud-based service in October 2016 and downloaded files.

In September, the agency revealed its EDGAR system, a platform that pools financial reports on publicly traded companies, has been breached in 2016. Uber is appealing. ("I apologise for the mistakes we've made", Khosrowshahi said in response.) He then traveled to Brasilia to meet with officials there and ward off restrictions on Uber's business.

The New York attorney general has opened an investigation. "We have seen no evidence of fraud or misuse tied to the incident", Uber said in a statement.

Uber has always failed to protect driver and passenger data. The company is also notifying regulators after failing to do so one year ago.

Schneiderman's office determined that the earlier hack took advantage of access information posted by an Uber engineer at software development platform Github. Uber said it believes the information was never used but declined to disclose the identities of the attackers.

Bloomberg first reported news of the hack. It was also in blue moon due to the sexual harassment case. "Interestingly here it's the fact that Uber covered up the breach that seems to have got people's backs up, clearly showing how important honesty is when dealing with such incidents".

Other reports by Free-Prsite

Discuss This Article

FOLLOW OUR NEWSPAPER