Uber, one of the biggest rideshare transportation companies, has recently been subjected to a data breach.
Two undisclosed hackers managed to retrieve over 57 million Uber users’ personal information including: names, license plates, emails and phone numbers. This also affected the Uber drivers; an estimated 600,000 were hacked.
The hackers accessed the information by getting into an Amazon Web Services cloud server, a data storage base that Uber used in 2016. The company got in contact with the hackers and paid them $100,000 through a bug bounty program, which is a system where people can receive compensation for reporting bugs that occur in the program. In order to compensate, the hackers deleted the data they stole and did not speak of the whole situation publicly.
As of Sept. 26th, Uber has agreed to pay over $148 million to settlement cases that began to pop up in all 50 states. The investigation was led by state authorities from around the United States.
Authorities focused on whether Uber violated the data breach notification as they didn’t communicate the specifics about the breach with their customers. Travis Kalanick, CEO at the time, and senior leadership waited a year after the incident took place to disclose the incident to the public. Dara Khosrowshahi, chief executive of Uber, made the announcement and called it a failure. Khosrowshahi fired the two employes who signed off on the payment to the hackers.
California Authority General Xavier Becerra stated that Uber violated the public’s trust towards the company due to their lack of communication to their customers about the breach. Uber’s chief legal officer, Tony West, responded to the matter by claiming that the settlement was important to remaking Uber’s image.
Uber chose to deal with the situation by hiring a chief privacy officer, a chief trust officer and a security officer. The public already knew about the breach on West’s first day working for Uber. Instead of spending his first day meeting coworkers or settling in, West called a number of different state and federal regulators.
The aftermath of the breach resulted in Uber now being required to cooperate to regular policy audits.
The Puyallup Post is the award-winning news media of Pierce College Puyallup in Puyallup, Washington. Copyright The Puyallup Post 2018. Find us on Facebook, Twitter, Instagram and Youtube @thepuyalluppost