Uber admits to covering up a huge data breach of 57m people

Uber has revealed it recently concealed a hack that affected 57m drivers and customers.

The breach happened in 2016, and was hidden by the firm which paid hackers $100k (around £75k) to delete the stolen data.

Dara Khosrowshahi only took over as Uber’s chief executive this summer, who declared the news on the company’s website. He said that two employees were responsible for the handling and they have since left the company.

Following on from this, Rik Ferguson, vice president security research at Trend Micro, said: “There is no question that the previous management and security team at Uber failed in their responsibility to their drivers, to regulators, to justice and to their customers.

“That’s a long list. However certain those responsible may have been that their attackers had been silenced, digital theft does not work the same way as in the physical world. You can never ‘buy back the negatives’ once data has been stolen.”

It has been said that 57m names, email addresses and mobile phones were leaked, and 600,000 drivers had their licence details exposed, but no security codes or bank details have been claimed.

Sam Curry, Cybereason’s chief security officer, added: “Who watches the watchers? The truly scary thing here is that Uber paid a bribe, according to news reports, essentially a ransom to make this breach go away and they acted as if they were above the law.

“The new CEO and management team are doing the right thing and making the difficult choices. However, difficult consequences still have to follow.

“And above all, this is a wake up call to the industry that CSO’s have a responsibility not just to the companies they work for, but the people whose data is affected.”

Drivers have been offered free credit monitoring protection, although the same cannot be said for Uber’s customers.

It seems that Uber is receiving one blow after another, and this latest scandal is threatening an already fragile business to cease.

What are your thoughts? Tweet us @BdailyLondon.

Looking to promote your product/service to SME businesses in your region? Find out how Bdaily can help →