Uber was hacked in 2016, paid to have breach deleted

  • Uber was hacked in 2016, paid to have breach deleted

Uber was hacked in 2016, paid to have breach deleted

The stolen information included names, email addresses and mobile phone numbers of Uber users around the world, and the names and license numbers of 600,000 USA drivers, Khosrowshahi said.

"While we have not seen evidence of fraud or misuse tied to the incident, we are monitoring the affected accounts and have flagged them for additional fraud protection", Uber's chief executive Dara Khosrowshahi said.

The revelation marks the latest stain on Uber's reputation. Meanwhile, the National Crime Agency is also involved in investigations, suggesting the hackers may even have been British-based. It's time for the judicial system to hold these companies to a higher standard - and make them pay for these security screw ups. lest we get fooled again.

According to the Times, more than 800 people in Britain and the USA have complained on Twitter about their accounts being hacked in the previous year.

Yahoo didn't make its first disclosure about hacks that hit 3 billion user accounts during 2013 and 2014 until September 2016.

"While I can't erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes", Khosrowshahi wrote.

That pledge shouldn't excuse Uber's previous regime for its egregious behaviour, said Sam Curry, chief security officer for the computer security firm Cybereason. Uber drivers, Khosrowshahi said Tuesday on Uber's blog. Some 600,000 United States driver's license numbers were also accessed.

Mr Edelstein warned Australian Uber users to change their password as a preventive measure, carefully scrutinise messages purporting to come from Uber, and avoid opening email attachments from the company.

The company has notified its drivers who had their license numbers stolen and is providing protection against credit and identity theft, Khosrowshahi said. What was the more astounding aspect of this particular incident is the fact it has taken Uber over a year to reveal the security breach - with the attack taking place in October 2016. As a result of this discovery, the startup has ousted both Sullivan and Clark.

Clark didn't immediately respond to a request for comment sent through his LinkedIn profile.

Following Uber's announcement, NY Attorney General Eric Schneiderman launched an investigation into the hack while Uber was also hit with a lawsuit over the breach by a customer, seeking class-action status. NY law requires that companies notify the attorney general and consumers if data is stolen.

Bloomberg reported this week that Uber paid hackers that stole the information USD$100,000 to delete whatever they had and that its security team had verified the details were deleted.

Uber concealed a hack that affected 57 million customers and drivers, the company has confirmed. In response to an urgent question raised about the breach in the UK parliament, Hancock also said UK authorities do not have "sufficient confidence" in Uber's estimates over the number of UK customers impacted by the breach to "go public" with it.