Uber is usually in headlines Just as before—in which time for concealing last year’s data breach in which exposed personal data of 57 million customers as well as drivers.
On Tuesday, Uber announced in which the company suffered a massive data breach in October 2016 in which exposed names, e-mail addresses as well as phone numbers of 57 million Uber riders as well as drivers along with driver license numbers of around 600,000 drivers.
However, instead of disclosing the breach, the company paid $100,000 in ransom to the two hackers who had access to the data in exchange for keeping the incident secret as well as deleting the information, according to a report published by Bloomberg.
Uber said none of its own systems were breached, rather two individuals outside the company inappropriately accessed as well as downloaded 57 million Uber riders’ as well as drivers’ data in which was stored on a third-party cloud-based service.
The cyberattack exposed the names as well as driver license numbers of some 600,000 drivers inside the United States, as well as the names, emails, as well as mobile phone numbers of around 57 million Uber users worldwide, which included drivers as well.
However, the company said various other personal details, such as trip location history, credit card numbers, bank account numbers, Social Security numbers or dates of birth, were not accessed inside the attack.
Uber Hid 57 Million User Data Breach For Over a Year
According to Bloomberg report, former Uber CEO Travis Kalanick learned of the cyber attack in November 2016, when the company was negotiating with the Federal Trade Commission (FTC) on a privacy settlement.
So, the company chose to pay the two hackers $100,000 to delete the stolen information as well as keep quiet about the incident as well as finally agreed to the FTC settlement three months ago, without admitting any wrongdoing.
Uber Technologies Inc. only told the FTC about the October 2016 data incident on Tuesday, when the breach was made public by Bloomberg.
However, in which secret payment eventually cost Uber security executives their jobs for handling the incident.
today Uber CEO Dara Khosrowshahi has reportedly asked for the resignation of Uber Chief Security Officer Joe Sullivan, as well as one of his deputies, Craig Clark, who worked to keep the attack quiet.
“None of in which should have happened, as well as I will not make excuses for in which. While I cannot erase the past, I can commit on behalf of every Uber employee in which we will learn through our mistakes,” Khosrowshahi said.
“We are changing the way we do business, putting integrity at the core of every decision we make as well as working hard to earn the trust of our customers.”
Uber is usually notifying regulatory authorities as well as offering affected drivers free credit monitoring as well as identity theft protection.
The company also says in which in which is usually monitoring the affected accounts for fraudulent activity as well as in which riders do not need to take any action against in which incident. in which’s likely in which Uber will be forcing its customers to reset their passwords for its app.