Uber Concealed Cyberattack That Exposed 57 Million People’s Data

  • 21 November 2017

Userlevel 7
Badge +54
By Eric Newcomer, 21 November 2017

Hackers stole the personal data of 57 million customers and drivers from Uber Technologies Inc., a massive breach that the company concealed for more than a year. This week, the ride-hailing company ousted Joe Sullivan, chief security officer, and one of his deputies for their roles in keeping the hack under wraps.
Compromised data from the October 2016 attack included names, email addresses and phone numbers of 50 million Uber riders around the world, the company told Bloomberg on Tuesday. The personal information of about 7 million drivers was accessed as well, including some 600,000 U.S. driver’s license numbers. No Social Security numbers, credit card details, trip location info or other data were taken, Uber said.
 
Full Article.


Userlevel 7
Badge +54
What’s worse than being hacked? Covering up a hack.
 
Graham Cluley | November 21, 2017
 


Bloomberg reports on what seems to be a security scandal at Uber.
 
The ride-sharing firm concealed the theft of personal information related to 57 million customers and drivers, and rather than inform the concerned parties "paid hackers $100,000 to delete the data and keep the breach quiet."
 
Full Article.
Userlevel 7
Badge +48

UK regulator has 'huge concerns' over Uber breach

BBC, November 22, 2017
 
David Kennerly, director of threat research at security company Webroot, criticised Uber for paying a ransom to the hackers.
 
"Given the current climate around data security and breaches, it is astonishing that Uber paid off the hackers and kept this breach under wraps for a year. The fact is there is absolutely no guarantee the hackers didn't create multiple copies of the stolen data for future extortion or to sell on further down the line."
 
Full Article
Userlevel 7
Badge +54
I see they have got a couple to act as fall guys now!!
 
Uber: Two employees fired for paying hackers to keep breach a secret
Userlevel 7
Badge +48
I'm sure this touched more than just two guys, right?! 
Userlevel 4
It has to be hard to decide what the right thing to do is. 
What if you didn't pay and they released the data publicly?
What if you did pay and they release anyway?
They of course have duplicates as leverage in case they are caught.
 
I actually have a good question. 
Let's say this happened to Webroot. How does a security company handle such threats/actions?
Is there a proper procedure to follow in such cases?
 
pbcompgeek
Userlevel 7
Badge +54
@ wrote:

 
I actually have a good question. 
Let's say this happened to Webroot. How does a security company handle such threats/actions?
Is there a proper procedure to follow in such cases?
 
pbcompgeek
That is a very good question @, maybe @ can throw some light on it for you.
Userlevel 2
I can't imagine that these two guys were able to spend $100,000 of company money without the CEO and CFO knowing about it.
 
Userlevel 7
Badge +54
By Associated Press on September 26, 2018
 
CHICAGO (AP) — Uber will pay $148 million and tighten data security after the ride-hailing company failed for a year to notify drivers that hackers had stolen their personal information, according to a settlement announced Wednesday.
 
Uber Technologies Inc. reached the agreement with all 50 states and the District of Columbia after a massive data breach in 2016. Instead of reporting it, Uber hid evidence of the theft and paid ransom to ensure the data wouldn't be misused.
 
"This is one of the most egregious cases we've ever seen in terms of notification; a yearlong delay is just inexcusable," Illinois Attorney General Lisa Madigan told The Associated Press. "And we're not going to put up with companies, Uber or any other company, completely ignoring our laws that require notification of data breaches."
 
Full Article.
Userlevel 4
Been a bit since we last discussed this. Interesting to see what's happened. Although companies all over deal with this all the time. I still see a problem with disclosing it right away anyway because the info of all the accounts and info then goes nearly public. If the users aren't aware they are at risk. Anyway this is interesting if you haven't heard.

Uber to have flying cars within the next 5 years.
Userlevel 7
Badge +54
@ wrote:
Anyway this is interesting if you haven't heard. 

Uber to have flying cars within the next 5 years.
I did hear about that a while ago but it is the first video I have seen of them in action.
I loved this from the article "and is briefly weighed to make sure she’s not too portly for Uber’s weight-conscious flying taxis."
Thank you it was interesting to see them in action.
Userlevel 4
Customer standing in line waiting finally scans and then hears "Denied due to weight restrictions". That'd go over real well.
