Lawsuits target Uber after cover up of massive data breach unveiled

World Today

FILE – This Wednesday, March 1, 2017, file photo shows an exterior view of the headquarters of Uber in San Francisco. Uber paid $100,000 to hackers who stole data on the ride-hailing company’s drivers and riders, then kept the massive data breach quiet for a year. This latest stain on Uber’s reputation also raises serious questions about ransom payments to hackers, and legal implications as states and federal governments investigate whether Uber violated laws about notifying consumers about their stolen data. (AP Photo/Eric Risberg, File)

A hack hits Uber, and so does a new lawsuit. The ride-sharing company is being sued after a massive data-breach and cover-up. Hackers stole the data of millions of customers around the world, and the company responded by paying off the hackers and not telling anyone.

CGTN’s John Terrett reports.

But it is a surprise to learn the company’s database was broken into in October of 2016, and the company did not disclose the compromise.

“This is riders and drivers across the world,” according to cybersecurity writer Raphael Satter. “Uber kept quiet about this hack for more than a year and paid $100,000 to the hackers to keep it that way.”

Uber came clean about its cover-up in a blog post by the company’s recently hired CEO, Dara Khosrowshahi, who wrote: “At the time of the incident, we took immediate steps to secure the data and shut down further unauthorized access by the individuals. We subsequently identified the individuals and obtained assurances that the downloaded data had been destroyed.”

 The company paid the hackers $100,000 to make sure the stolen information went no further, though there’s no way to be sure the data was fully destroyed.

It’s another stain on Uber’s corporate reputation. Earlier this year, shareholders unhappy with a growing list of woes ousted founding CEO Travis Kalanick, who was facing allegations of sexism and sexual misconduct at headquarters and lax background checks for drivers.

“The fact that they refuse to tell people, that tens of thousands of drivers licenses, that all of this personal data was around floating around outside of its control only reinforces the impression that people have that this is a company that doesn’t care about what happens to its users’ data,” Satter said.

Uber is apologizing to its customers and drivers, but it’s likely to face stiff questions from regulators around the world disturbed by the incident.