NH opens investigation into Uber hacking

Share

Uber admitted Tuesday to covering up a massive cyberattack by paying hackers $100,000 so they wouldn't reveal that they had stolen sensitive information from 57 million customer and driver accounts.

"I had the same question, so I immediately asked for a thorough investigation of what happened and how we handled it", Khosrowshahi wrote in a blog post.

It is the latest disclosure of a major breach involving a prominent company.

Bloomberg reported that two Uber developers had stashed credentials for the company's data stores in their code on GitHub.

Uber says that credit card details, trip location, security numbers, and other sensitive information were not stolen in the hack.

"Uber CEO Dara Khosrowshahi's statement that there is no excuse for what happened and Uber will be putting integrity and trust at the core of every business decision is a welcome message", he said.

A spokesman from Uber said the company is in the process of notifying various regulatory and government authorities. But viewing this data breach cover up as an incident that only Uber could commit misses the writing on the wall. However, the drivers license numbers of 600 000 drivers in the USA were compromised.

"It's always the company's responsibility to identify when United Kingdom citizens have been affected as part of a data breach and take steps to reduce any harm to consumers".

Earlier in 2016, the company reached a settlement with the NY attorney general requiring it to take steps to be more vigilant about protecting the information that its app stores about its riders.

More news: The explosion at a mosque in Nigeria killed 30 people

Legal experts say the company is likely to be faulted for running afoul of breach notification laws in the states that have them where customer data was compromised.

In August of this year Uber reached a settlement with the Federal Trade Commission over allegations it made deceptive privacy and data security claims.

A spokesman for Transport for London, which this year announced it would not be renewing Uber's licence in the capital, said: "We are working to gain clarity from Uber on whether any of the issues seen in the USA have occurred here".

The severity of the incident was compounded amidst revelations that the company had paid $US100,000 ($A132,000) to the hackers to delete the data.

State Attorneys General from NY and MA have opened investigations into the data breach.

"Uber paid $100K to protect 57M people?"

"This wasn't simply a data breach", Rubin said.

The FTC hasn't commented on whether or not it will investigate the matter, but an agency spokesperson said in an emailed statement that it is "closely evaluating the serious issues raised". It was also in blue moon due to the sexual harassment case. Joe Sullivan, Uber's chief security officer, is no longer with the company, it said.

Share