Uber CEO shared that the information of 57 million riders and drivers were stolen in 2016
Uber is facing a hard time this year with continuous incidents that eventually led the Travis Kalanick to step down from the CEO position. However, now it seems that the unethical culture and ineffective strategies were not only the issues during Kalanick’s leadership. Dara Khosrowshahi, CEO of Uber announced on Tuesday that the company has hidden a data breach took place in 2016. Uber and its employees have sewn their lips about the breach for more than 1 year.
Khosrowshahi revealed in the blog post that, in 2016 two unknown individuals from outside the company has hacked into the company’s stored data on the third party cloud service used by Uber. Both individuals were successful in downloading the personal information of 57 million customers of Uber. However, Khosrowshahi assures that the hackers were unable to touch the trip location history, credit card numbers, bank account numbers, Social Security numbers or dates of birth. After the company came to know about the breach, it immediately took action to secure the data and block any further unauthorized access. Uber also contacted the hackers and made a deal to destroy all the downloaded information in return for $100,000 as a ransom amount.
The information that was stolen by the hackers included the name and license number of the 600,000 drivers across the US.
“ You may be asking why we are just talking about this now, a year later. I had the same question, so I immediately asked for a thorough investigation of what happened and how we handled it.” Khosrowshahi said in the blog post.”What I learned, particularly around our failure to notify affected individuals or regulators last year”, that the company now is actively notifying the affected individual and the national authorities about the breach.
As a repulsive effect, Leigh Day, a British law firm has sued the company for breaking the legal commitment to protect the consumer's personal data. “in legal terms those affected may have claims for compensation for the distress caused and any losses suffered as a result of the misuse of their private information and breach of the Data Protection Act” said Sean Humber, a data protection specialist from Leigh Day,
After months of efforts from the ride-hailing giant to garner the trust of the riders and drivers across its service the company was on the right track, this revelation may affect the “180 days of change” campaign. However, this is not the first time any reputed firm has hidden a data hacking incident. In September 2016 Yahoo disclosed that the hackers have stolen data from 3 billion users and Equifax accepted that hackers were able to snitch the Social Security numbers of 145 million Americans.
Whatever the approach was Uber has considered at the time of branch to tackle the situation it surely has marred the trust of its users now. On the other hand, the new CEO of the ride-hailing firm said that the company is changing the way of doing business and integrating the integrity to every decision in order to maintain the transparency with employees, drivers, riders and everyone who deals with Uber.
“None of this should have happened, and I will not make excuses for it. While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes”, wrote Dara Khosrowshahi in the blog post.
Joshua is a writer at MobileAppDaily and also works as a reporter for the team to keep our readers up to date. He is breaking the mobile app technology news for MobileAppDialy since 2016 and has more than 4 years of experience as a tech blogger.