Business & Tech
Uber Breach Of 57M Users' Data Kept Secret For A Year
Bloomberg reported that the company worked to keep the hack a secret.
SAN FRANCISCO, CA — Data from 57 million Uber customers was stolen in a massive cyberattack against the technology and ride sharing company that was kept secret from the public since October 2016, the company announced Tuesday.
The data targeted include email addresses, phone numbers and names of about 50 million customers, and 7 million drivers also had their data stolen, according to a Bloomberg report. More than half a million drivers had their driver's license numbers stolen in the reach.
"Our outside forensics experts have not seen any indication that trip location history, credit card numbers, bank account numbers, Social Security numbers or dates of birth were downloaded," new Uber CEO Dara Khosrowshahi said in a statement.
Find out what's happening in San Franciscofor free with the latest updates from Patch.
Two people have been fired this week for their roles in covering up the incident. Bloomberg reported that Joe Sullivan, previously the company's chief security officer, and one of his subordinates, were terminated.
The company paid hackers $100,000 to delete the data and not reveal the fact of the breach publicly, Bloomberg found. In a statement to the press, Khosrowshahi disavowed the choice to keep the breach a secret.
Find out what's happening in San Franciscofor free with the latest updates from Patch.
"None of this should have happened, and I will not make excuses for it," Khosrowshahi said. "While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes. We are changing the way we do business, putting integrity at the core of every decision we make and working hard to earn the trust of our customers."
In response to the attack, Uber said it had notified regulator authorities. It has also notified the drivers whose numbers were leaked and will provide free credit monitoring to them.
"While we have not seen evidence of fraud or misuse tied to the incident, we are monitoring the affected accounts and have flagged them for additional fraud protection," Khosrowshahi said.
The company said it does not believe riders need to do anything in response to this attack. However, in a statement it encouraged all users to regularly monitor their accounts for issues.
Watch Now: Uber Breach Of 57M Users' Data Kept Secret For A Year
Photo by Leon Neal/Getty Images
Get more local news delivered straight to your inbox. Sign up for free Patch newsletters and alerts.