'Uber hacking: customers not at risk of financial crime, says minister' diff viewer (1/2)

This article is from the source 'guardian' and was first published or seen on November 23, 2017 12:06 (UTC). It last changed over 40 days ago and won't be checked again for changes.

You can find the current article at its original source at http://www.theguardian.com/technology/2017/nov/23/uber-hacking-customers-not-at-risk-of-financial-says-minister

The article has changed 6 times. There is an RSS feed of changes available.

Previous version 1 2 3 4 5 Next version

Previous version 1 2 3 4 5 Next version

Version 1	Version 2
Uber hacking: customers not at risk of financial crime, says minister	Uber hacking: customers not at risk of financial crime, says minister
2017-11-23 13:25:07 UTC	2017-11-23 14:00:07 UTC (35 minutes later)
There is no evidence that Uber customers who had their personal details stolen are at risk of direct financial crime, a minister has insisted, despite hundreds of users complaining that their accounts have been hacked from Russia.	There is no evidence that Uber customers who had their personal details stolen are at risk of direct financial crime, a minister has insisted, despite hundreds of users complaining that their accounts have been hacked from Russia.
The digital minister, Matt Hancock, told the House of Commons that the government was still trying to gauge the number of people in the UK affected by the global breach of the personal information of 57 million customers and drivers in October last year, which the company initially concealed.	The digital minister, Matt Hancock, told the House of Commons that the government was still trying to gauge the number of people in the UK affected by the global breach of the personal information of 57 million customers and drivers in October last year, which the company initially concealed.
On Thursday, the Times reported that more than 800 people in Britain and the US have complained on Twitter of having their accounts hacked by Russians and being billed in roubles for taxi journeys in Moscow and St Petersberg.	On Thursday, the Times reported that more than 800 people in Britain and the US have complained on Twitter of having their accounts hacked by Russians and being billed in roubles for taxi journeys in Moscow and St Petersberg.
Those hacks could be unrelated to last year’s breach, but since the October attack came to light on Monday, some users have suggested there was a link , despite Uber’s protestations that there was no evidence of fraud or misuse of accounts as a result of the hack.	Those hacks could be unrelated to last year’s breach, but since the October attack came to light on Monday, some users have suggested there was a link , despite Uber’s protestations that there was no evidence of fraud or misuse of accounts as a result of the hack.
Uber concealed huge data breach - I knew I wasn't going bloody crazy when my details kept changing to a Russian phone number and details. It was impossible to change back and Uber support were not helpful in the slightest. No wonder..! https://t.co/hEQcLP55mr	Uber concealed huge data breach - I knew I wasn't going bloody crazy when my details kept changing to a Russian phone number and details. It was impossible to change back and Uber support were not helpful in the slightest. No wonder..! https://t.co/hEQcLP55mr
@asherter my phone was hacked via uber and it showed the uber map with a car coming to pick me up in St. Petersburg Russia and I was charged 3200 rubles and 1800 rubles that the bank reversed the charge. Urber contacted me and asked me to implement two factor authentication.	@asherter my phone was hacked via uber and it showed the uber map with a car coming to pick me up in St. Petersburg Russia and I was charged 3200 rubles and 1800 rubles that the bank reversed the charge. Urber contacted me and asked me to implement two factor authentication.
Responding to an urgent question by the Labour MP Wes Streeting, Hancock said: “At this stage our initial assessment is, for Uber customers, that the stolen information is not the sort of information that would allow direct financial crime but we are working urgently to verify this and we rule nothing out.”	Responding to an urgent question by the Labour MP Wes Streeting, Hancock said: “At this stage our initial assessment is, for Uber customers, that the stolen information is not the sort of information that would allow direct financial crime but we are working urgently to verify this and we rule nothing out.”
He urged Uber customers and drivers to monitor their accounts carefully and report any irregularities, adding: “People just need to make sure they do not respond to a phishing email.”	He urged Uber customers and drivers to monitor their accounts carefully and report any irregularities, adding: “People just need to make sure they do not respond to a phishing email.”
Hancock was not directly asked about the reports of hacking of people’s accounts from Russia. However, the minister did say that the 2016 attack appeared to have been perpetrated from outside the UK.	Hancock was not directly asked about the reports of hacking of people’s accounts from Russia. However, the minister did say that the 2016 attack appeared to have been perpetrated from outside the UK.
.@Uber I've been hacked, someone in Moscow has used my account and charged my card £54.55. Why didn't what is mentioned in the pic happen?? pic.twitter.com/9EmGBskiTK	.@Uber I've been hacked, someone in Moscow has used my account and charged my card £54.55. Why didn't what is mentioned in the pic happen?? pic.twitter.com/9EmGBskiTK
@Uber @Uber_Support my uber got hacked! Pls remove my credit card from your system asap. #uber pic.twitter.com/pRHZeHtmMQ	@Uber @Uber_Support my uber got hacked! Pls remove my credit card from your system asap. #uber pic.twitter.com/pRHZeHtmMQ
~~Streeting~~ said it ~~was~~ ~~outrageous~~ that Uber had ~~not~~ ~~told~~ the ~~government~~ ~~yet~~ ~~how~~ ~~many~~ people in the UK ~~had~~ ~~been~~ ~~affected~~ by the ~~breach~~ ~~last~~ ~~year.~~ ~~“What~~ ~~assurances~~ do we ~~have~~ ~~that~~ ~~the~~ ~~data~~ of ~~Uber~~ ~~customers~~ ~~and~~ ~~drivers~~ ~~isn’t~~ in the ~~hands~~ of ~~hackers~~ or ~~criminals~~ ~~today?”~~ he ~~asked.~~	He said that Uber had passed on a number for the people affected in the UK but the government had insufficient confidence in the figure to make it public.
	Streeting asked:“What assurances do we have that the data of Uber customers and drivers isn’t in the hands of hackers or criminals today?”
After a report by Bloomberg, Uber’s chief executive revealed on Tuesday that a third-party server had been infiltrated in late 2016.	After a report by Bloomberg, Uber’s chief executive revealed on Tuesday that a third-party server had been infiltrated in late 2016.
A ransom of $100,000 (£75,500) was paid to hackers so they would delete the data and keep the security lapse quiet.	A ransom of $100,000 (£75,500) was paid to hackers so they would delete the data and keep the security lapse quiet.
Stolen information included names, email addresses and mobile phone numbers, as well as the names and number plates of 600,000 drivers in the US.	Stolen information included names, email addresses and mobile phone numbers, as well as the names and number plates of 600,000 drivers in the US.
Hancock confirmed that the UK authorities were not told of the breach before Uber spoke to the media.	Hancock confirmed that the UK authorities were not told of the breach before Uber spoke to the media.
The Information Commissioner’s Office (ICO) has warned Uber it could face fines as a result of the breach. At the moment the maximum fine is limited to £500,000 but Hancock said the government was looking to boost the ICO’s powers under a new bill.	The Information Commissioner’s Office (ICO) has warned Uber it could face fines as a result of the breach. At the moment the maximum fine is limited to £500,000 but Hancock said the government was looking to boost the ICO’s powers under a new bill.
He said delayed reporting of breaches was already an aggravating factor but the new legislation would oblige companies to to report breaches “likely to impact on data subjects to the information commissioner within 72 hours of becoming aware of it and in serious cases will also have to notify those affected by the breach”.	He said delayed reporting of breaches was already an aggravating factor but the new legislation would oblige companies to to report breaches “likely to impact on data subjects to the information commissioner within 72 hours of becoming aware of it and in serious cases will also have to notify those affected by the breach”.
Hancock said non-compliant companies could face fines of £18m or 4% of global turnover.	Hancock said non-compliant companies could face fines of £18m or 4% of global turnover.