A hack hits Uber, and so does a new lawsuit. The ride-sharing company is being sued after a massive data-breach and cover-up. Hackers stole the data of millions of customers around the world, and the company responded by paying off the hackers and not telling anyone.
CGTN’s John Terrett reports.
But it is a surprise to learn the company’s database was broken into in October of 2016, and the company did not disclose the compromise.
“This is riders and drivers across the world,” according to cybersecurity writer Raphael Satter. “Uber kept quiet about this hack for more than a year and paid $100,000 to the hackers to keep it that way.”
Uber came clean about its cover-up in a blog post by the company’s recently hired CEO, Dara Khosrowshahi, who wrote: “At the time of the incident, we took immediate steps to secure the data and shut down further unauthorized access by the individuals. We subsequently identified the individuals and obtained assurances that the downloaded data had been destroyed.”
The company paid the hackers $100,000 to make sure the stolen information went no further, though there’s no way to be sure the data was fully destroyed.
It’s another stain on Uber’s corporate reputation. Earlier this year, shareholders unhappy with a growing list of woes ousted founding CEO Travis Kalanick, who was facing allegations of sexism and sexual misconduct at headquarters and lax background checks for drivers.
“The fact that they refuse to tell people, that tens of thousands of drivers licenses, that all of this personal data was around floating around outside of its control only reinforces the impression that people have that this is a company that doesn’t care about what happens to its users’ data,” Satter said.
Uber is apologizing to its customers and drivers, but it’s likely to face stiff questions from regulators around the world disturbed by the incident.