you thought Uber had hit rock-bottom and
was on its way back up...
a somewhat stunning - even for Uber - series of events, Bloomberg
reports that the ride-hailing
service concealed a massive cyberattack -
in which hackers stole personal data from 57 million customers - for
more than a year... and paid
the hackers $100,000 to keep quiet about the cyberattack.
ride-hailing company ousted Joe Sullivan, chief security officer,
and one of his deputies for their roles
in keeping the hack under wraps.
data from the October 2016 attack included names, email addresses and
phone numbers of over 50 million Uber riders around the world, the
company told Bloomberg on Tuesday.
personal information of about 7 million drivers were accessed as well, including
some 600,000 U.S. driver’s license numbers.
of this should have happened, and I will not make excuses for
it,” Dara Khosrowshahi, who took over as chief
executive officer in September, said in an emailed statement.
are changing the way we do business.”
Uber’s co-founder and former CEO, learned of the hack in November
2016, a month after it took place, the company said.
had just settled a lawsuit with the New York attorney general over
data security disclosures and was in the
process of negotiating with the Federal Trade
Commission over the handling of consumer data.
declined to comment on the hack.
I can’t erase the past, I can commit on behalf of every Uber
employee that we will learn from our mistakes,” Khosrowshahi
said in the emailed statement.
company plans to release a statement to customers saying it
has seen “no evidence of fraud or misuse tied to the incident.” Uber
said it will provide drivers whose licenses were compromised with free
credit protection monitoring and identity theft protection.