Uber admits to covering up cyberattack that affected 57 million users

Uber hacked, data for 57 million people exposed

Uber is coming clean about its cover-up of a year-old hacking attack that stole personal information about more than 57 million of the beleaguered ride-hailing service's customers and drivers.

In October 2016 Uber suffered a data breach that saw the names, email addresses and mobile phone numbers of some 57 million users and driver partners exposed.

There are serious legal ramifications for Uber's decision not to immediately disclose the data breach.

However, hackers were able to download driver's license numbers of around 600,000 drivers in the United States. He was not at the helm when it happened.

Uber is notifying drivers whose licence numbers were swiped, and offering them credit and identity theft protections. But viewing this data breach cover up as an incident that only Uber could commit misses the writing on the wall.

Co-founder and ousted chief Travis Kalanick was advised of the breach shortly after it was discovered, but it was not made public until new boss Khosrowshahi learned of the incident.

The Uber announcement comes a few months after Equifax revealed that sensitive information of more than 143 million Americans had been exposed and is vulnerable to financial fraud. The hackers pulled it off by accessing a private GitHub coding site used by Uber software engineers and stealing login credential, which were then used to access data stored on an Amazon Web Services account.

At the time of the data breach, Uber was negotiating with USA regulators investigating separate claims of privacy violations.

Khosrowshahi added: "None of this should have happened, and I will not make excuses for it".

Uber also fired two employees who were responsible for providing information to hackers. The New York attorney general has opened an investigation into the data breach, a spokeswoman said.

Khosrowshahi said Uber had begun notifying regulators.

The company's chief security officer Joe Sullivan has parted ways with the company following the announcement, the BBC reports. "Deliberately concealing breaches from regulators and citizens could attract higher fines for companies", said Dipple-Johnson. "Interestingly here it's the fact that Uber covered up the breach that seems to have got people's backs up, clearly showing how important honesty is when dealing with such incidents". The hack didn't penetrate Uber's corporate systems or infrastructure, he said.

Uber has always failed to protect driver and passenger data. While Khosrowshahi is promising change, Kalanick's place in a leadership role serves as a reminder they are keeping someone who signed off on controversial issues tied to the company.

Related:

Comments

Latest news

Charlie Rose Accused of Sexual Harassment ... He Apologizes
CBS News President David Rhodes said there is nothing more important than assuring a safe, professional workplace. Rose has been one of three hosts of " CBS This Morning " since 2012 and is also a contributor to " 60 Minutes ".

Border agent injured in Texas dies
Mr Trump said the second officer injured on Sunday was "brutally beaten and badly, badly hurt", but "looks like he'll make it". Trump said, "We will seek out and bring to justice those responsible", and reiterated his call for a border wall with Mexico.

Arab League affirms solidarity with KSA's security measures
He added he would like to see global agencies carry out a "much more robust" job when conducting inspections in Iran. Iranian Foreign Minister Mohamamd Javad Zarif described as "ironic" Saudi accusing Tehran of "destabilization".

Android Oreo reaches final build for OnePlus 3 and 3T
OnePlus 5T, Samsung Galaxy S8 , or LG G6- that's not a comparison I thought I'd be making by the end of the year, yet here we are. The phones will receive firm's security updates on a regular basis so you don't need to worry about the security of your phone.

Other news