Latest in Gear

Image credit: Andre Coelho/Bloomberg via Getty Images

Uber's new chief knew about hack months before the public

There were reasons for the delay, but it's still not very comforting.
643 Shares
Share
Tweet
Share
Save

Sponsored Links

Andre Coelho/Bloomberg via Getty Images

Uber may have come clean about the grievous hack that exposed data for 57 million users, but it apparently took its time getting to that point. Wall Street Journal sources have learned that new CEO Dara Khosrowshahi was informed about the data breach two weeks after he took the reins on September 5th, or more than two months before informing the public. There were reasons for the delay, according to the tipsters, but it still meant leaving people out of the loop.

Khosrowshahi did order a prompt investigation, as he claimed, but Uber and Mandiant (the digital forensics unit of FireEye) wanted to determine exactly how many users were affected and fire the two executives that covered up the attack. Uber told its would-be investor SoftBank about the breach roughly three weeks before the WSJ scoop, but it still didn't know just how many people were at risk.

Uber has confirmed the broader claims of the report. The company informed SoftBank with incomplete info because of its "duty to disclose to a potential investor," according to a statement, and revealed the breach in a "very public way" once its investigation wrapped up.

While Khosrowshahi inherited the hack from the previous management under Travis Kalanick and isn't facing much of a direct threat, the revelation isn't exactly going to help Uber as investigators from the FTC and individual states look into what happened. They may want to know why Uber's inquiry took so long, and whether or not Uber could have offered a basic warning to customers as soon as it knew their data was at risk. It'll need to have satisfactory answers if it wants to avoid the same kind of scrutiny as Equifax and other high-profile hacking targets.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
643 Shares
Share
Tweet
Share
Save

Popular on Engadget

Two men plead guilty to running large illegal streaming sites

Two men plead guilty to running large illegal streaming sites

View
The best plug-in smart outlet

The best plug-in smart outlet

View
After Math: Microsoft pulls back the cover on Project Scarlett

After Math: Microsoft pulls back the cover on Project Scarlett

View
FDA clears an interoperable, automated insulin pump

FDA clears an interoperable, automated insulin pump

View
Study suggests vapers are 1.3 times more likely to develop lung disease

Study suggests vapers are 1.3 times more likely to develop lung disease

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr