This article is from the source 'guardian' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.

You can find the current article at its original source at https://www.theguardian.com/technology/2017/nov/21/uber-data-hack-cyber-attack

The article has changed 17 times. There is an RSS feed of changes available.

Version 1 Version 2
Uber covered up massive hack that exposed data of 57m users and drivers Uber covered up massive hack that exposed data of 57m users and drivers
(35 minutes later)
Uber concealed a massive breach of the personal information of 57 million customers and drivers in October 2016, failing to notify the individuals and regulators, the company acknowledged on Tuesday. Uber concealed a massive global breach of the personal information of 57 million customers and drivers in October 2016, failing to notify the individuals and regulators, the company acknowledged on Tuesday.
According to Bloomberg, which first reported on the breach, Uber paid the hackers responsible $100,000 to delete the data and keep the breach quiet.According to Bloomberg, which first reported on the breach, Uber paid the hackers responsible $100,000 to delete the data and keep the breach quiet.
“None of this should have happened, and I will not make excuses for it,” Uber chief executive Dara Khosrowshahi said in a statement acknowledging the breach and cover-up. “None of this should have happened, and I will not make excuses for it,” Uber chief executive Dara Khosrowshahi said in a statement acknowledging the breach and cover-up. “While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes.”
Hackers stole personal data including names, email addresses and phone numbers, as well as the names and driver’s license numbers of about 600,000 drivers in the United States. The company said more sensitive information, such as location data, credit card numbers, bank account numbers, social security numbers, and birth dates, had not been compromised.Hackers stole personal data including names, email addresses and phone numbers, as well as the names and driver’s license numbers of about 600,000 drivers in the United States. The company said more sensitive information, such as location data, credit card numbers, bank account numbers, social security numbers, and birth dates, had not been compromised.
In his statement, Khosroshahi said the company had “obtained assurances that the downloaded data had been destroyed” and improved its security, but that the company’s “failure to notify affected individuals or regulators” had prompted him to take several steps, including the departure of two of the employees responsible for the company’s 2016 response. In his statement, Khosrowshahi said the company had “obtained assurances that the downloaded data had been destroyed” and improved its security, but that the company’s “failure to notify affected individuals or regulators” had prompted him to take several steps, including the departure of two of the employees responsible for the company’s 2016 response.
Uber chief security officer Joe Sullivan was one of the two employees who left the company, Bloomberg reported.Uber chief security officer Joe Sullivan was one of the two employees who left the company, Bloomberg reported.
The hack and subsequent concealment is just the latest in a string of scandals and crises that Khosrowshahi inherited from his predecessor, Travis Kalanick, who was forced out of the $68bn startup in June.
The year started out with the trend-setting #DeleteUber viral boycott campaign, which arose after the company was accused of exploiting a New York taxi drivers’ work stoppage to protest Trump’s travel ban.
Then in February, former employee Susan Fowler published a blog post alleging a pervasive culture of gender discrimination and sexual harassment at the company.
The next month saw a New York Times report that for years Uber had been running a secret program to systematically deceive law enforcement officials in cities where its service violated regulations. Officials attempting to hail an Uber during a sting operation were “greyballed”; they might see icons of cars within the app navigating nearby, but no one would come pick them up.
Fowler’s blog post prompted Uber to commission an investigation of its workplace culture, and led to a public airing of the startup’s considerable dirty laundry. The company had skyrocketed to its position as the highest-value startup and dominant ride-hail app by defying rules and regulations, but the post-Fowler reckoning saw at least 20 employees fired and the company acknowledge that it needed to change. It also led to the eventual ousting of Kalanick himself.
Khosrowshahi displayed the new conciliatory style in September when Transport for London decided not to renew its license to operate in London. “We’ve got things wrong along the way,” the CEO said at the time. “On behalf of everyone at Uber globally, I apologise for the mistakes we’ve made.”