The private details of almost 57 million Uber clienteles were stolen in a data breach of 2016. Uber somehow managed to cover up the loss of their information for over a year but here is what we know about this hacking up till now.
The ride-hailing company was hacked in such a way that the customer and drivers information was stolen from its system in this security breach. Uber confirmed that they have paid their hackers $100,000 to delete the stolen data and to keep this mess away from public eyes as reported by Bloomberg.
Uber’s Chief Executive, Dara Khosrowshahi claimed in a statement “None of this should have happened, and I will not make excuses for it,” while acknowledging the breach and trying to cover it up. He also said that “While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes.”
These hackers only stole personal data which included their names, email addresses, phone addresses and the name and license number of over 600,000 drivers in the United States. However, highly sensitive information such as credit card numbers, bank account number, birth dates, social security numbers and data location were not compromised and are still secure with the company.
Khoswrowshahi also exclaimed that the downloaded and stolen data has been destroyed to provide assurance to their customers and their company has increased their security as well. The company’s failure to notify the affected individuals and regulators has made Uber take some serious steps which included the firing of their two employees that were responsible for the response in 2016.
Joe Sullivan Uber’s Chief security officer was one of the employees who left the company as reported by Bloomberg. Chris Hoofnagle from Berkeley Center of Law and Technology agrees that the company’s refusal to unveiling the hacking was an unprofessional move and he says that “To have direct liability under security breach notification status is to not give notice.”
According to the Californian State Law, companies are required to notify the resident of the states regarding any breach of their encrypted information and the company must also inform the attorney general if over 500 residents have been affected in any breach or chaos of such kind.
An Uber driver from Pittsburgh, Robert Hudge says that “The hack and the cover-up is typical Uber only caring about themselves” and he said this because he has still not heard from the company and he found out about this breach through the media. He also claims that Uber keeps everything that goes with them behind their walls.
Uber offered their affected drivers free credit observation and identity theft protection. The hacking and concealment of this chaos is the latest scandal and Uber’s civil liability is complicated on United States federal court and how to treat these data breached lawsuits.
However, in February, a former employee, Susan Fowler blamed the company for gender discrimination and sexual harassment. The CEO again gave out a statement claiming “On behalf of everyone at Uber globally, I apologize for the mistakes we’ve made.”
Sources: Wired.com
