IN 2016 UBER, the company responsible for the taxi ride app, concealed a hack that affected 57 million of its customers and drivers.
The company has now confirmed this. It also paid hackers
$100,000 (£75,000) to delete the data.
When Bloomberg broke the news, the former Chief Executive of Uber, Travis Kalanick confirmed they knew about the breach over a year ago.
It is reported that the hackers accessed 57 million names, email addresses and mobile numbers according to Uber.
600,000 of those affected were drivers who have had their names and licence details exposed. A resource page for those affected has been set up and drivers have been offered free credit monitoring protection.
Uber has said it will not be offering the same to customers.
A statement from Uber reads: –
“While we have not seen evidence of fraud or misuse tied to the incident, we are monitoring the affected accounts and have flagged them for additional fraud protection,” Uber’s chief executive Dara Khosrowshahi said.
“None of this should have happened, and I will not make excuses for it,” he added.
“While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes.”
In the wake of the news, Uber’s chief security officer Joe Sullivan has left the company.
However, Uber has not said which countries are affected nor did it confirm any precise details.
According to the report ty Bloomberg, two hackers managed to access a private are of GitHub, which is an online resource for developers. It is believed they then found Ubers log in credentials to Amazon Web Services, which is a cloud computing service used to store data and used by companies.
Covering up such a hack is likely to be more troublesome to Uber than the hack itself.
Regulators require companies to disclose significant data breaches, something Uber, by its own admission, failed to do in this particular case.
This is not new. Last January Uber was fined $20,000 for its failure to disclose a breach of far less significance in 2014
For those heading up the Uber management team, it is not an easy ride. They appear to go from one crisis to another.
This latest scandal looks set to drive an even deeper wedge between Uber’s former Chief Executive, Travis Kalanick and Benchmark, the shareholder that took away the top job from him and tried to get him thrown of the board.
They did manage to leave their hostilities aside so that an investment from the Japanese conglomerate Softbank would go ahead, an investment thought to worth up to $10bn.
The fact that Uber concealed a huge data breach, with Mr. Kalanick knowing about it a year ago will not help.
The investment from Softbank is seen as significant for Uber because it will result in a major reform of its board, helping the business to improve its corporate governance which is desperately in need of an overhaul.
Uber’s new chief executive Dara Khosrowshahi said in a statement regarding the data breach that the company needed to be open and honest if is to “repair our past mistakes”.
Rajeev Misra, a board director at Softbank, described progress on a deal with Uber as “long and arduous”.
Dara Khosrowshahi appears to be starting as he means to go on
By setting out to be open and honest.