One Year Later, Uber Comes Clean On Hack Affecting 57 Million People

Ivan Schwartz
November 23, 2017

Bloomberg Technology reported Tuesday that Uber suffered a massive data breach in the fall of 2016 that exposed names, email addresses and phone numbers of 50 million customers worldwide as well as the personal information of an additional 7 million customers.

On Tuesday, Bloomberg revealed that Uber paid hackers $100,000 to hide a cyber attack that exposed the personal data of 57 million users of the app in October 2016.

"None of this should have happened, and I will not make excuses for it", Dara Khosrowshahi, who Uber named as CEO in September, said in a statement. He was not at the helm when it happened.

The hackers subsequently contacted Uber and demanded a $100,000 extortion fee to erase the data from their servers, a demand which the company agreed to, according to the report. The company even paid the hackers $100,000 to delete the data and keep quiet.

A collection of information of rider and driver was included in the AWS database which the hackers downloaded to ransom the company. After obtaining login credentials from that site, the attackers accessed data stored on an Amazon Web Services account where an archive of rider and driver information existed.

It may weigh on the company's valuation, now at about $70 billion, ahead of an initial public offering expected in 2019.

One of those actions was to terminate the two unnamed employees whose responsibility it was to respond security incidents, including the one that occurred in late 2016. Within hours of the disclosure, a customer filed a lawsuit seeking class-action status, and New York Attorney General Eric Schneiderman launched an investigation.

Google announces holiday deals in Play Store
Pay for one movie to watch at 50% and get 25% off one TV season for whatever show right after Cyber Monday (November 23). These titles include Call of Duty: Black Ops Zombies , LEGO Ninjago: Shadow of Ronin , and LEGO Jurassic Park .

Kim Kardashian, Rihanna, call for justice for teen sex save Cyntoia Brown
During her time in jail, she's studied for an associate's degree, according to U.S. news network Fox 17. According to reports , she serves as a mentor for other prisoners and is pursuing a master's degree.

Massive gas line fire burning in Orion Township
Stay with FOX 2 for updates. "It was actually pretty loud and shook all the windows in the house", he told the news station. Firefighters on Monday night, November 20th were called out to the scene of a massive fire in Auburn Hills, Michigan.

There was no indication that any fraud had taken place, Uber said in a statement.

The company's chief security officer Joe Sullivan has parted ways with the company following the announcement, the BBC reports. Regulatory authorities were being notified, the company added.

Uber has always failed to protect driver and passenger data.

If Uber wants to continue its rise across Europe, it has to reverse its attitude to hacks, come clean and work tirelessly to make its protections and reporting systems watertight, said Dean Armstrong QC, cyber law barrister at Setfords Solicitors.

The hack is another controversy for Uber on top of sexual harassment allegations, a lawsuit alleging trade secrets theft and multiple federal criminal probes that culminated in Kalanick's ouster in June.

In terms of scale, Uber's hack doesn't measure up to other major breaches.

Khosrowshahi inherited a litany of scandals and a toxic workplace culture when he replaced Kalanick.

Other reports by GizPress

Discuss This Article