Uber Pays Hackers $100k to Hush Up Massive Data Breach

Phil Baker | 10:08 PM on November 21, 2017
(ShutterStock)

When Uber was run by Travis Kalanick, its first CEO and founder, it often resembled a criminal enterprise. It violated laws, spied on its customers, lied to investigators, played tricks on its competitor, and is being sued for stealing a competitor’s trade secrets. Only after one of its female employees, Susan Fowler, went public with how she and others were harassed and discriminated against was Kalanick replaced as CEO.

Advertisement

But replacing the CEO did not end the embarrassment. It was just disclosed by Bloomberg that hackers stole the personal data of 57 million customers and drivers from its company servers. Now, that’s bad enough, but the company covered it up for more than a year by paying the hackers $100,000 to hush things up.

The data stolen included the names, email addresses, and phone numbers of 50 million Uber passengers and 7 million drivers, as well as 600,000 U.S. driver’s license numbers. It occurred more than a year ago in October 2016 and had been concealed until Bloomberg just revealed it.

Here’s how the hack occurred: The attackers accessed a coding site used by Uber software engineers and then stole their login credentials to access data stored on its servers run by Amazon Web Services. That’s where the hackers discovered the rider and driver data, and contacted Uber, asking for the $100,000 in order to not release the data.

Uber is obliged by law, and by previous agreements it entered into with law enforcement and government agencies, to disclose as soon as it learns of any data being compromised. But instead, the company covered it up.

Kalanick learned of the breach in November 2016 but, with his chief of security, made the secret $100,000 payment and hid it from law enforcement and the rest of the company.

Advertisement

Their new CEO, Dara Khosrowshahi, who joined a few months ago, explained, “At the time of the incident, we took immediate steps to secure the data and shut down further unauthorized access by the individuals….We also implemented security measures to restrict access to and strengthen controls on our cloud-based storage accounts. While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes.”

He then terminated Joe Sullivan, Uber’s security chief, and his assistant for their role in this incident.

What about Kalanick, who was also complicit? He remains as a board member and recently appointed two new members to serve with him.

 

 

 

 

 

Phil Baker
Phil Baker is a product development expert as well as an award winning journalist and author covering high tech. He hosts a gadget blog at BakerOnTech.com. Phil holds over 30 patents and has been an executive for a number of high technology companies. He’s been responsible for bringing scores of well-known consumer tech products to market. Phil is the author of “From Concept to Consumer,” a former columnist for the San Diego Transcript, and founder of Techsperts, Inc., a product development company.
Category: CULTURE

Recommended

Biden Administration Is Now Under Investigation for 'Election Interference' Matt Margolis
Weekend Parting Shot: Your Smoker Will Kill Us All Lincoln Brown
UPDATE: An Escaped Prisoner Leads to an 'Internal Investigation' Within Georgia Sheriff's Department Chris Queen
Did Biden's Love for Hamas Just Lose Him the Jewish Vote? Stephen Green
Maine Kid Who Tried to Kill Cops With Machete Is Sentenced, Elephant in Room Still Ignored Robert Spencer
The Morning Briefing: Netanyahu Is a Magnifying Glass on Biden's Pathetic Weakness Stephen Kruiser

Trending on PJ Media Videos

Join the conversation as a VIP Member

Advertisement
Trending
Editor's Choice
This Might Be the Best Chance to Impeach Joe Biden
Kudos, Commies, You've Made White People a Global Hobgoblin (and Cashed in Doing It)
Aid Workers Call Biden's $320 Million Gaza Pier 'A Joke'
Advertisement