Uber confirms personal information of 57 million users and drivers was hacked

Hackers stole the personal information of 57 million Uber users and drivers last year, the taxi-hailing company's chief executive has revealed.

Uber confirms personal information of 57 million users and drivers was hacked

Hackers stole the personal information of 57 million Uber users and drivers last year, the taxi-hailing company's chief executive has revealed.

In a blog post, Dara Khosrowshahi, who took over in August, said he recently learned that two individuals outside the company "inappropriately accessed user data" in late 2016.

Stored in a third-party cloud-based service, Mr Khosrowshahi said the personal information of 57 million Uber users and drivers worldwide had been hacked.

This included names, email addresses and mobile phone numbers, as well as the names and number plates of some 600,000 drivers in the United States.

Mr Khosrowshahi said in the post: "At the time of the incident, we took immediate steps to secure the data and shut down further unauthorized access by the individuals.

"We subsequently identified the individuals and obtained assurances that the downloaded data had been destroyed."

Bloomberg, the first to report the story, said that Uber paid $100,000 to the hackers to delete the data and keep the breach under wraps.

Mr Khosrowshahi said there had been "no indication" trip history, credit card details, bank account numbers or dates of birth were downloaded by the hackers.

"While we have not seen evidence of fraud or misuse tied to the incident, we are monitoring the affected accounts and have flagged them for additional fraud protection," Mr Khosrowshahi said.

"None of this should have happened, and I will not make excuses for it.

"While I can't erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes."

Dermot Williams, Managing Director of Threatscape has said, "Uber has said the 600,000 affected drivers were all in the USA, but it seems the 57 million users whose information was stolen are located around the world.

"How many were in Ireland or the EU is not year clear – but were a breach like this to happen after May 2018 when GDPR is in force, the potential fines for a large breach of EU consumer data would be enormous and a 13-month delay in notifying the authorities would be unthinkable."

Responding to Uber CEO Dara Khosrowshahi’s blog post on the breach Mr Williams said: "Khosrowshahi is quick to point out that the incident ‘did not breach our corporate systems or infrastructure’ – but this is misleading as online companies rarely own the systems they use to store and process data, instead renting capacity from cloud providers such as Amazon, Microsoft and Google.

"A key aspect of the cloud era is that while a company like Uber may not be responsible for the operation of the third-party cloud services it uses, it is still very much accountable for the security of customer data stored there – including ensuring its personnel carefully guard the passwords for accessing that data. In this respect, Uber dropped the ball."

For Irish Uber customers Mr Williams advises: "Make sure you're not using the same password for Uber as you're using for other websites or online services, and if you are you need to change these as a matter of urgency.

"Also while Uber do not believe customer credit card information was stolen, it always prudent to monitor your statements for any unauthorised transactions."

more courts articles

Man (25) in court charged with murdering his father and attempted murder of mother Man (25) in court charged with murdering his father and attempted murder of mother
Man appears in court charged with false imprisonment of woman in van Man appears in court charged with false imprisonment of woman in van
Man in court over alleged false imprisonment of woman Man in court over alleged false imprisonment of woman

More in this section

FILE PHOTO The Competition and Consumer Protection Commission has cleared the purchase of Goodbody Stockbrokers by AIB END Goodbody Stockbrokers fined over €1.2m by Central Bank over rules breaches
Nottingham City Centre Stock Irish staff at the Body Shop wait for wages as retailer shuts stores in the Republic
Ryanair comments on Norwegian Ryanair boss O'Leary's spat with Transport Minister over Dublin Airport escalates
IE logo
Devices


UNLIMITED ACCESS TO THE IRISH EXAMINER FOR TEAMS AND ORGANISATIONS
FIND OUT MORE

The Business Hub
Newsletter

News and analysis on business, money and jobs from Munster and beyond by our expert team of business writers.

Sign up
ie logo
Puzzles Logo

Play digital puzzles like crosswords, sudoku and a variety of word games including the popular Word Wheel

Lunchtime News
Newsletter

Keep up with the stories of the day with our lunchtime news wrap.

Sign up
Cookie Policy Privacy Policy Brand Safety FAQ Help Contact Us Terms and Conditions

© Examiner Echo Group Limited