Car-transportation application, Uber has fallen victim to a cyber-attack that resulted data breach of around 57 million riders and paid a handsome fee to cover up the incident.
According to local media, Uber executives responded to the data breach of 57 million customers’ data by paying USD 100,000 to the two hackers responsible for the cyber attacks. In exchange, the hackers will conceal the data breach from the public and delete the information.
Apparently, the breach occurred back in October 2016, where information like names, email addresses and mobile phone numbers of Uber users around the world, and the names and license numbers of 600,000 U.S. drivers were stolen.
The two hackers were believed to access to these sensitives information through third party server, GitHub where proprietary information were stored. Then, the two hackers downloaded driver and rider data from a separate cloud-services provider.
“We do not believe any individual rider needs to take any action.” said the Uber spokesman on the data breach. “We have seen no evidence of fraud or misuse tied to the incident.”
In the meantime, Dara Khosrowshahi, CEO of Uber, has immediately responded to the incident by shoring up cyber-security defenses.
“I’ve asked Matt Olsen, a co-founder of a cybersecurity consulting firm and former general counsel of the National Security Agency and director of the National Counterterrorism Center, to help me think through how best to guide and structure our security teams and processes going forward.” said Khosrowshahi.
To be fair, Khosrowshahi was the newly appointed CEO of Uber from his predecessor, Travis Kalanick and claimed that he did not know of the breach till recently.
“None of this should have happened, and I will not make excuses for it.” concluded Khosrowshahi.
Upon knowledge of the breach, Uber’s chief security officer, Joe Sullivan and a deputy, Craig Clark was sacked and the company pledged to work closer with the regulators for investigation on the breach.
Uber was not alone in the data breach that seemingly more prevalent in the commercial world. Equifax, FOREVER 21, Deloitte and even the nation of Malaysia were victims of cyber attacks as well with sensitive information being revealed.