Uber just gave its users another reason not to trust the company

Javier Stokes
November 23, 2017

Uber now says it had a legal obligation to report the hack to regulators and to drivers whose license numbers were taken.

Tech Crunch also added that Uber could face problems in their home state of California for the attempted data breach cover up.

Stolen files included names, email addresses, and mobile phone numbers for riders, and the names and driver license information of some 600,000 drivers, according to Uber. "This data is nearly never monitored or secured, and as we can see here, it is often stored in various locations and is often easily accessed by nefarious actors", says Terry Ray, CTO of data protection company Imperva. Uber paid the hackers in an effort to hide the breach and said it subsequently identified the individuals involved and "obtained assurances" that the downloaded data had been destroyed. No social security numbers, credit card info, or trip details were obtained in the October 2016 attack.

Affected drivers will get free credit monitoring and identity theft protection. After all, the company has an established track record of engaging in unethical and possibly illegal practices while skirting government regulators.

However, more than a fifth (21 percent) of respondents felt that such incidents probably happen all the time and so Uber's situation didn't bother them and over a quarter (27 percent) felt it was annoying but wouldn't stop them from using the service.

Broncos Turning to Paxton Lynch as Starting QB This Week
With Siemian at the helm, the Broncos nearly upended the Chiefs at home in a close game plagued by turnovers from the quarterback. They've continued to sputter under his watch, and their once dominant defense is no longer capable of carrying them.

Finally telling Uber users about the hack in a blog post yesterday, the company's CEO Dara Khosrowshahi gave a vague outline as to how the tech startup dealt with the hackers.

Uber agreed to pay the fee as long as the hackers stayed quiet and deleted the info. Within hours of the disclosure, a customer filed a lawsuit seeking class-action status, and New York Attorney General Eric Schneiderman launched an investigation.

The new management of San Francisco-based Uber said on Tuesday that it had only learned recently that personal information from about Uber 57 million accounts had been stolen in 2016.

Uber's silence about its breach came while it was negotiating with the Federal Trade Commission about its handling of its riders' information. Uber is appealing. ("I apologise for the mistakes we've made", Khosrowshahi said in response.) He then traveled to Brasilia to meet with officials there and ward off restrictions on Uber's business.

It's easy to look at the Uber data breach and its ensuing cover-up and localize it to Uber's rotten corporate culture.

Other reports by

Discuss This Article