Uber’s CEO Mr., on 21 Nov published a blog post regarding a hack which happened in the month of October 2016.
The hackers stole personal data of 57 million customers and drivers from a third-party cloud service which was used by Uber. The hackers were two individual outsiders.
According to an article published on Bloomberg, the company paid hackers $100,000 to keep the data breach as a secret. It is stated that out of 57 million users, 50 million users were customers and rest 7 million included the data of the drivers. Mr. Khosrowshahi confirmed that the incident did not breach their corporate systems or infrastructure and only the third-party cloud service was attacked.
Mr. Khosrowshahi, in his post, explained about the breach and the details about what exactly was stolen by the attackers. The data included driver’s license numbers, personal email, phone number, and names of the users.
“we have to be honest and transparent as we work to repair our past mistakes,” said Khosrowshahi.
Uber is taking certain measures so that this incident should not affect any customer or drivers. Some of these actions include.
- Individually notifying the drivers whose driver’s license was downloaded.
- Providing affected drivers with free credit monitoring and identity theft protection.
- Notifying regulatory authorities.
Earlier in this year, there was an unlimited free ride bug in Uber, if you wanna read about that check it out here.