After the company came to know about the breach, it immediately took action to secure the data and block any further unauthorized access.
Uber is facing a hard time this year with continuous incidents that eventually led the Travis Kalanick to step down from the CEO position. However, now it seems that the unethical culture and ineffective strategies were not only the issues during Kalanick’s leadership.
Dara Khosrowshahi, CEO of Uber announced on Tuesday that the company has hidden a data breach took place in 2016. Uber and its employees have sewn their lips about the breach for more than 1 year.
Khosrowshahi revealed in the blog post that, in 2016 two unknown individuals from outside the company has hacked into the company’s stored data on the third-party cloud service used by Uber. Both individuals were successful in downloading the personal information of 57 million customers of Uber.
However, Khosrowshahi assures that the hackers were unable to touch the trip location history, credit card numbers, bank account numbers, Social Security numbers or dates of birth.
After the company came to know about the breach, it immediately took action to secure the data and block any further unauthorized access. Uber also contacted the hackers and made a deal to destroy all the downloaded information in return for $100,000 as a ransom amount.
The information that was stolen by the hackers included the name and license number of the 600,000 drivers across the US.
Khosrowshahi said in the blog post.
“You may be asking why we are just talking about this now, a year later. I had the same question, so I immediately asked for a thorough investigation of what happened and how we handled it. What I learned, particularly around our failure to notify affected individuals or regulators last year”,
the company now is actively notifying the affected individual and the national authorities about the breach.
As a repulsive effect, Leigh Day, a British law firm has sued the company for breaking the legal commitment to protect the consumer's personal data.
“In legal terms, those affected may have claims for compensation for the distress caused and any losses suffered as a result of the misuse of their private information and breach of the Data Protection Act,”
said Sean Humber, a data protection specialist from Leigh Day,
After months of efforts from the ride-hailing giant to garner the trust of the riders and drivers across its service the company was on the right track, this revelation may affect the “180 days of change” campaign.
However, this is not the first time any reputed firm has hidden a data hacking incident. In September 2016 Yahoo disclosed that the hackers have stolen data from 3 billion users and Equifax accepted that hackers were able to snitch the Social Security numbers of 145 million Americans.
Whatever the approach was Uber has considered at the time of branch to tackle the situation it surely has marred the trust of its users now. On the other hand, the new CEO of the ride-hailing firm said that the company is changing the way of doing business and integrating the integrity to every decision in order to maintain the transparency with employees, drivers, riders and everyone who deals with Uber.
“None of this should have happened, and I will not make excuses for it. While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes,”
wrote Dara Khosrowshahi in the blog post.
She is a content marketer and has more than five years of experience in IoT, blockchain, Web, and mobile development. In all these years, she closely followed the app development, and now she writes about the existing and the upcoming mobile app technologies. Her essence is more like a ballet dancer.