Uber Technologies Inc is coming clean about its cover-up of a year-old hacking attack that stole personal information about more than 57 million of the beleaguered ride-hailing service’s customers and drivers.
So far, there is no evidence that the data taken has been misused, according to a Tuesday blog post by Uber’s recently hired CEO, Dara Khosrowshahi.
Part of the reason nothing malicious has happened is because Uber acknowledges paying the hackers US$100,000 to destroy the stolen information.
Photo: Reuters
The revelation marks the latest stain on Uber’s reputation.
The San Francisco company ousted Travis Kalanick as CEO in June after an internal investigation concluded he had built a culture that allowed female workers to be sexually harassed and encouraged employees to push legal limits.
It is also the latest major breach involving a prominent company that did not notify the people that could be potentially harmed for months or even years after the break-in occurred.
Yahoo Inc did not make its first disclosure about hacks that hit 3 billion user accounts during 2013 and 2014 until September last year, while credit reporting service Equifax waited several months before revealing in September that hackers had carted off the Social Security numbers of 145 million Americans.
Khosrowshahi criticized Uber’s handling of its data theft in his blog post.
“While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes,” Khosrowshahi wrote. “We are changing the way we do business, putting integrity at the core of every decision we make and working hard to earn the trust of our customers.”
That pledge should not excuse Uber’s previous regime for its egregious behavior, said Sam Curry, chief security officer for the computer security firm Cybereason.
“The truly scary thing here is that Uber paid a bribe, essentially a ransom to make this breach go away, and they acted as if they were above the law,” Curry said. “Those people responsible for the integrity and confidentiality of the data in fact covered it up.”
The heist took the names, e-mail addresses and mobile phone numbers of 57 million riders around the world. The thieves also nabbed the driver’s license numbers of 600,000 Uber drivers in the US.
Uber waited until Tuesday to begin notifying the drivers with compromised driver’s licenses, which can be particularly useful for perpetrating identify theft.
For that reason, Uber will now pay for free credit-report monitoring and identity theft protection services for the affected drivers.
Kalanick, who still sits on Uber’s board of directors, declined to comment on the data breach that took place in October last year.
Uber says the response to the hack was handled by its chief security officer, Joe Sullivan, a former US federal prosecutor.
As part of his effort to set things right, Khosrowshahi extracted Sullivan’s resignation from Uber and also jettisoned Craig Clark, a lawyer who reported to Sullivan.
Uber’s silence about its breach came while it was negotiating with the US Federal Trade Commission about its handling of its riders’ information.
To many, Tatu City on the outskirts of Nairobi looks like a success. The first city entirely built by a private company to be operational in east Africa, with about 25,000 people living and working there, it accounts for about two-thirds of all foreign investment in Kenya. Its low-tax status has attracted more than 100 businesses including Heineken, coffee brand Dormans, and the biggest call-center and cold-chain transport firms in the region. However, to some local politicians, Tatu City has looked more like a target for extortion. A parade of governors have demanded land worth millions of dollars in exchange
Hong Kong authorities ramped up sales of the local dollar as the greenback’s slide threatened the foreign-exchange peg. The Hong Kong Monetary Authority (HKMA) sold a record HK$60.5 billion (US$7.8 billion) of the city’s currency, according to an alert sent on its Bloomberg page yesterday in Asia, after it tested the upper end of its trading band. That added to the HK$56.1 billion of sales versus the greenback since Friday. The rapid intervention signals efforts from the city’s authorities to limit the local currency’s moves within its HK$7.75 to HK$7.85 per US dollar trading band. Heavy sales of the local dollar by
Taiwan Semiconductor Manufacturing Co’s (TSMC, 台積電) revenue jumped 48 percent last month, underscoring how electronics firms scrambled to acquire essential components before global tariffs took effect. The main chipmaker for Apple Inc and Nvidia Corp reported monthly sales of NT$349.6 billion (US$11.6 billion). That compares with the average analysts’ estimate for a 38 percent rise in second-quarter revenue. US President Donald Trump’s trade war is prompting economists to retool GDP forecasts worldwide, casting doubt over the outlook for everything from iPhone demand to computing and datacenter construction. However, TSMC — a barometer for global tech spending given its central role in the
An Indonesian animated movie is smashing regional box office records and could be set for wider success as it prepares to open beyond the Southeast Asian archipelago’s silver screens. Jumbo — a film based on the adventures of main character, Don, a large orphaned Indonesian boy facing bullying at school — last month became the highest-grossing Southeast Asian animated film, raking in more than US$8 million. Released at the end of March to coincide with the Eid holidays after the Islamic fasting month of Ramadan, the movie has hit 8 million ticket sales, the third-highest in Indonesian cinema history, Film
RSS