Latest in Gear

Image credit: David Paul Morris/Bloomberg via Getty Images

Uber hid data breach that exposed info for 57 million users

The company has inherited one more big scandal from its former CEO.
1058 Shares
Share
Tweet
Share
Save

Sponsored Links

David Paul Morris/Bloomberg via Getty Images

Uber's new CEO Dara Khosrowshahi has inherited yet another scandal from Travis Kalanick. The ridesharing firm has revealed to Bloomberg that it hid an extortion-oriented cyberattack which exposed the personal info for roughly 57 million customers and drivers in October 2016, including names, email addresses and phone numbers. Instead of reporting the hack to the government and users, it paid hackers $100,000 to delete the info and keep quiet for more than a year.

There's no evidence the data was abused, Uber said. However, Khosrowshahi isn't about to defend his company's past behavior. "I will not make excuses for it," he said in a statement. Accordingly, Uber has fired chief security officer Joe Sullivan and one of his deputies, senior lawyer Craig Clark, for playing key roles in covering up the truth. It's also asking former National Counterterrorism Center director Matt Olsen for help structuring Uber's security processes and has stepped up its fraud monitoring for the affected accounts. Drivers in particular are getting free credit monitoring and identity theft protection.

News of the data breach underscores just how much of a challenge Khosrowshahi faces in rethinking Uber's toxic corporate culture. The company was continuing its longstanding habit of ignoring the law even after it had just settled a New York state lawsuit over data security disclosures, and was entering talks with the FTC that would lead to a settlement over data handling. If it could face those kinds of legal threats and still decide that concealing an attack was more important than protecting users, it clearly needs major reforms.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
1058 Shares
Share
Tweet
Share
Save

Popular on Engadget

Engadget's Guide to Privacy

Engadget's Guide to Privacy

View
Disney+ public pre-orders are open, but without deep bundle discounts

Disney+ public pre-orders are open, but without deep bundle discounts

View
Facebook's Libra currency will get half its backing from the US dollar

Facebook's Libra currency will get half its backing from the US dollar

View
AMD delays 16-core Ryzen 9 CPU to November

AMD delays 16-core Ryzen 9 CPU to November

View
Erica's modular synth helps you make music with preset cards

Erica's modular synth helps you make music with preset cards

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr