Uber concealed huge data breach

Uber concealed a hack that affected 57 million customers and drivers, the company has confirmed.

The 2016 breach was hidden by the ride-sharing firm which paid hackers $100,000 (£75,000) to delete the data.

The company's former chief executive Travis Kalanick knew about the breach over a year ago, according to Bloomberg, which first broke the news.

The hackers found 57 million names, email addresses and mobile phone numbers, Uber said.

Within that number, 600,000 drivers had their names and license details exposed. A resource page for those affected has been set up.

Uber concealed huge data breach

First it was Equifax that concealed a data breach that affected pretty much every American alive today. Now it's Uber. Where's the responsibility here? Why the hell would you not tell your employees and customers that their personal data has been compromised?

Luckily I'm not involved in this one. But when I was a soldier the OPM hack compromised my data and that of my family, same with the Home Depot hack. The Experian hack compromised my information as well, but since I already have identity protection services from previous hacks the impact was essentially nonexistent. That isn't true for millions of others however.

I smell lawsuits coming.

a reply to: projectvxn

I'd rather support Lyft or even just rough it and support a local cab after everything that came out about Uber's former CEO who was talking sh*t to one of his drivers, which was caught on audio recording (along with the reports of abuse and harassment the workplace environment at Uber seemed to protect/cultivate).

Just another reason not to trust these large corporations

originally posted by: projectvxn

Uber concealed a hack that affected 57 million customers and drivers, the company has confirmed.

The 2016 breach was hidden by the ride-sharing firm which paid hackers $100,000 (£75,000) to delete the data.

The company's former chief executive Travis Kalanick knew about the breach over a year ago, according to Bloomberg, which first broke the news.

The hackers found 57 million names, email addresses and mobile phone numbers, Uber said.

Within that number, 600,000 drivers had their names and license details exposed. A resource page for those affected has been set up.

Uber concealed huge data breach

First it was Equifax that concealed a data breach that affected pretty much every American alive today. Now it's Uber. Where's the responsibility here? Why the hell would you not tell your employees and customers that their personal data has been compromised?

Luckily I'm not involved in this one. But when I was a soldier the OPM hack compromised my data and that of my family, same with the Home Depot hack. The Experian hack compromised my information as well, but since I already have identity protection services from previous hacks the impact was essentially nonexistent. That isn't true for millions of others however.

I smell lawsuits coming.

I smell the 'new' form of digital blackmail/kidnap taking place, that is to say, it has probably gone on for years now.
The internet is an open book simple as that, and all services are vulnerable, and if you use them, so are you, me...everybody.
It's up to Uber to clean up the mess, and maybe think of an alternate way of doing things. codifying, clients, areas, cabs in some discrete way...easy for me to say that, however what else is there?

Uber is on really shaky ground already, this could be the thing that sinks them.

It's up to Uber to clean up the mess, and maybe think of an alternate way of doing things. codifying, clients, areas, cabs in some discrete way...easy for me to say that, however what else is there?

Stop storing information. That's really the only defense. We've grown a bunch of consumer databases to ridiculous proportions, and you wouldn't believe what they're able to store on you. We need a new legal approach to data. Your data should be yours, it shouldn't be something the company is able to record and store about you. This would force significant cutbacks in information retained, and therefore make hacks when they do happen (there's no stopping them) less damaging. You can't steal what doesn't exist.

originally posted by: Aazadan
Uber is on really shaky ground already, this could be the thing that sinks them.

It's up to Uber to clean up the mess, and maybe think of an alternate way of doing things. codifying, clients, areas, cabs in some discrete way...easy for me to say that, however what else is there?

Stop storing information. That's really the only defense. We've grown a bunch of consumer databases to ridiculous proportions, and you wouldn't believe what they're able to store on you. We need a new legal approach to data. Your data should be yours, it shouldn't be something the company is able to record and store about you. This would force significant cutbacks in information retained, and therefore make hacks when they do happen (there's no stopping them) less damaging. You can't steal what doesn't exist.

Exactly my point, it won't just end with Uber, it can only end with ending data sharing, which would probably collapse all the data sharing .coms who make money out of it all, but data sharing is also what we all do on the internet, just like this forum.
Did you ever see this report?
www.npr.org...

originally posted by: projectvxn
... Why the hell would you not tell your employees and customers that their personal data has been compromised?

stock price? duh?

a reply to: NobodiesNormal

Maybe they were actually that stupid. Because they had to know that legally they have to report a crime like this.

a reply to: projectvxn

blinks :

which paid hackers $100,000 (£75,000) to delete the data.

and they believe this was a satisfactory " conclusion "

?????????????????????????

which paid hackers $100,000 (£75,000) to delete the data.

They paid the hackers $100,000 to say they deleted the data. Uber doesn't have any way of knowing if they actually did, or if the info is being sold on the dark net right now.

a reply to: projectvxn


I'm just gonna post my credit card, bank info and Social Security number on Facebook to get it the hell over with.

originally posted by: projectvxn
a reply to: NobodiesNormal

Maybe they were actually that stupid. Because they had to know that legally they have to report a crime like this.

If they don't report it, then no one would find out. This happens a lot.

Uber was not a well run company under their previous CEO. Lots of stories of a frat boy internal culture that skirted every law on the books that they could.

People want fast results so data is kept to speed up the process of a purchase. It ending up in the wrong hands is one of the down sides of it.

originally posted by: Aazadan
Uber was not a well run company under their previous CEO. Lots of stories of a frat boy internal culture that skirted every law on the books that they could.

That's something I've noticed about both Uber and Tesla. The guys that run them are much better at being visionaries than they are at actually running a business. Or treating their employees decently.

originally posted by: AndyFromMichigan

originally posted by: Aazadan
Uber was not a well run company under their previous CEO. Lots of stories of a frat boy internal culture that skirted every law on the books that they could.

That's something I've noticed about both Uber and Tesla. The guys that run them are much better at being visionaries than they are at actually running a business. Or treating their employees decently.

Uber's CEO wasn't even a visionary.

It depends as far as Elon Musk goes, regular employees at Tesla aren't known for getting good deals, but they're also not doing high skilled work. SpaceX has a great culture... long hours, but a good working environment.

a reply to: AugustusMasonicus
Could you please fast forward that information to please. Just one small question ,How big is your overdraft limit?

originally posted by: Aazadan
Uber is on really shaky ground already, this could be the thing that sinks them.

It's up to Uber to clean up the mess, and maybe think of an alternate way of doing things. codifying, clients, areas, cabs in some discrete way...easy for me to say that, however what else is there?

Stop storing information. That's really the only defense. We've grown a bunch of consumer databases to ridiculous proportions, and you wouldn't believe what they're able to store on you. We need a new legal approach to data. Your data should be yours, it shouldn't be something the company is able to record and store about you. This would force significant cutbacks in information retained, and therefore make hacks when they do happen (there's no stopping them) less damaging. You can't steal what doesn't exist.

Maybe the ID verification companies should become credential storage companies instead? You want to give some company your personal details, you get a one time ID from the credential company and give to the other company.
Norway do this, there is the national folk registry. It stores your name and address, which is linked into by banks, mobile phone company and employers, income tax and the post office. When you change your address there, all your mail will get redirected, as well as your income tax bills and bank correspondence. You can opt to have a secondary address, if you are working somewhere else temporarily.