Uber Paid Hackers To Keep Massive Breach Of Personal Data A Secret

Adjust Comment Print

Some personal information of 57 million Uber users around the world, including the drivers described above.

On Tuesday Uber revealed that the data of 57 million customers had been exposed in a hack in October previous year. CBS News financial contributor Mellody Hobson joins "CBS This Morning" from San Francisco to discuss to impact of the latest revelations. "While I can't erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes", said Dara Khosrowshahi who became Uber's Chief Executive Officer last September and claims he didn't learn of the attack until recently.

The FTC's statement is significant because Uber only settled a prior investigation into security and privacy complaints dating back to 2014 and 2015 and carried out by the agency this summer, when it agreed to 20 years of external audits and to abide by various conditions in the consent order.

Uber drivers can find out if their data was stolen on this link.

The hackers say they found the data on an Amazon cloud server used by the ride-sharing company.

Murali Vijay, Cheteshwar Pujara steer India into commanding position
Resuming the final session at 185 for 1, India looked good for more, but ten overs into the session came Sri Lanka's breakthrough. From being India's first-choice opener before his injury-break, Murali Vijay has been relegated to third in the pecking order.

Data protection lawyers at the Leigh Day legal firm said a "huge number of claims" could be brought against Uber by its customers as a result of the security failing. On Wednesday, the Attorney General of Missouri - one of the states now probing Uber - sent the company a letter demanding that it immediately notify all affected customers and implement procedures aimed at preventing future data breaches. Uber says that the affected accounts belonging to riders are now monitored and have been additionally updated with extra fraud protection but there's now no official way of finding out if your rider's account has been breached.

Meanwhile, Anthony Glees, of the University of Buckingham, said: "Given the obvious level of organisation and the patterns of fraudulent use it seems reasonable to believe that Russian hackers obtained these users" data and have traded it on the dark web'.

You may be asking why we are just talking about this now, a year later.

He added: 'Deliberately concealing breaches from regulators and citizens could attract higher fines for companies'. And regulators in other markets can be stricter.

And while that law has not come in to force, expectations around breach disclosures are being reset to meet the new standard across the EU.