Uber hacked and paid up $100000 for concealed data
- Author: David Armstrong Nov 23, 2017,
Nov 23, 2017, 0:30
Tuesday's data breach revelations are yet another setback for Uber, a private company that is valued at about $70 billion.
The two people downloaded the data, which included names, email addresses and mobile phone numbers of Uber users around the world and the names and driver's license numbers of 600,000 US drivers, Khosrowshahi said.
The company took immediate steps to secure to secure the data and shut down further unauthorized access by the individuals.
A SECRET data hack affecting 57 million Uber customers and drivers has been exposed.
Other information, including trip location history, credit card numbers, bank account numbers, Social Security numbers or dates of birth were not obtained, according to forensic experts working with Uber. In September, the agency revealed its EDGAR system, a platform that pools financial reports on publicly traded companies, has been breached in 2016.
"Uber CEO Dara Khosrowshahi's statement that there is no excuse for what happened and Uber will be putting integrity and trust at the core of every business decision is a welcome message", he said. Uber bad days will pass once the company take several precautionary measures.
The severity of the incident was compounded amidst revelations that the company had paid $US100,000 ($A132,000) to the hackers to delete the data. Uber said it believes the information was never used but declined to disclose the identities of the attackers. However, the database that was breached did contain names and driver's license numbers of around 600,000 drivers.
Two hackers managed to access personal information they stole from a "third-party cloud-based service".
The breach seems to have occurred via development platform Github where hackers accessed the accounts of two Uber engineers who had uploaded the data to online storage for testing.
'I had the same question, so I immediately asked for a thorough investigation of what happened and how we handled it'.
Hackers hit Uber, exposing the critical information of 57 million people who use the popular ride-share service.
Khosrawshahi adds, "while I can't erase the past, I can commit on behalf of every uber employee that we will learn from our mistakes". Around that same time, the company was in the midst of settling issues with both the NY attorney general and the FTC over the handling of the customer data.
The National Cyber Security Centre (NCSC) is investigating if this breach has affected Uber customers in the UK.