Friday, 15 December 2017
Latest news
Main » Uber in legal crosshairs over hack cover-up

Uber in legal crosshairs over hack cover-up

23 November 2017

Uber suffered a data breach back in October 2016 that affected tens of millions of people, and it is just now letting the public know about it, as 2018 rolls into view.

Uber's chief security officer, Joe Sullivan, and a lawyer who reported to him, Craig Clark, have been ousted for their roles in the breach and the cover-up. Our outside forensics experts have not seen any indication that trip location history, credit card numbers, bank account numbers, Social Security numbers or dates of birth were downloaded. The personal information of about 7 million drivers was accessed as well, including some 600,000 USA driver's license numbers.

Uber is now going to inform individuals who had their information stolen about the thefts, and will provide free credit monitoring for drivers.

Mr Khosrowshahi - who was named CEO in August following the departure of founder Travis Kalanick - said he had only recently learned of the matter himself.

Khosrawshahi adds, "while I can't erase the past, I can commit on behalf of every uber employee that we will learn from our mistakes".

Khosrowshahi said Uber had begun notifying regulators.

Like this story? Share it!

Trump administration to end provisional residency protection for 50000 Haitians
Then-Secretary John Kelly agreed to extend it for another six months but indicated that status likely would not be renewed again. More than 325,000 people from 10 countries have Temporary Protected Status and have lived in limbo for years, sometimes decades.

Joe Sullivan, chief security officer, and his deputy hid the cyberattack as USA regulators investigated Uber for a different set of privacy violation claims.

The U.K. regulator in charge of data privacy is looking into the major hack of Uber Technologies Inc.'s user data, and is working with the National Cyber Security Centre to asses the scale of the breech. This, compounding the seriousness of the breach and the potential repercussions if the PII is abused, suggest that the CEO's mea culpa is only the beginning of what could be a trying time for the company. As part of that settlement, Uber also paid a $20,000 fine for waiting to notify five months about another data breach that it discovered in September 2014.

Although the Uber breach likely has global implications, its potential effect on Australian users and drivers led Pilgrim to quickly make enquiries with Uber, his office said in a statement. To keep the leak secret, Uber paid the hackers a ransom of $100,000.

In early 2016, Schneiderman announced a settlement with Uber stemming from an investigation into the company's handling and protection of riders' personal information.

Two attackers accessed a private GitHub coding site used by Uber software engineers and then used login credentials they obtained there to access data stored on an Amazon Web Services account that handled computing tasks for the company.

Two hackers managed to access personal information they stole from a "third-party cloud-based service".

Uber in legal crosshairs over hack cover-up