home Business, Cyber Security Scandal: Uber Paid Hackers over $100K to Delete Stolen Data on 57 Million People

Scandal: Uber Paid Hackers over $100K to Delete Stolen Data on 57 Million People

Share

Uber has sacked its chief security officer and announced that his team paid off hackers who stole data belonging to 57 million users.

SUN VALLEY, ID - JULY 7: Dara Khosrowshahi, chief executive officer of Expedia, Inc., attends the annual Allen & Company Sun Valley Conference, July 7, 2016 in Sun Valley, Idaho. Every July, some of the world's most wealthy and powerful businesspeople from the media, finance, technology and political spheres converge at the Sun Valley Resort for the exclusive weeklong conference. (Photo by Drew Angerer/Getty Images)
‘None of this should have happened, and I will not make excuses for it,’ said Uber’s CEO

The ride-hailing app’s chief executive, Dara Khosrowshahi, said: “None of this should have happened, and I will not make excuses for it.” Former CSO, Joe Sullivan, presided over a loss of the names, email addresses and mobile phone numbers belonging to Uber drivers and passengers, according to Bloomberg.

Mr Sullivan’s team then paid the hackers $100,000 to delete the data instead of notifying the victims.

Uber’s former chief executive, Travis Kalanick, learned of the hack in 2016, according to Bloomberg – seven months before a shareholder revolt forced him to quit and replaced him with Mr Khosrowshahi.

Hackers stole the personal data of 57 million customers and drivers from Uber Technologies Inc., a massive breach that the company concealed for more than a year. This week, the ride-hailing firm ousted its chief security officer and one of his deputies for their roles in keeping the hack under wraps, which included a $100,000 payment to the attackers.

“None of this should have happened, and I will not make excuses for it,” Dara Khosrowshahi, who took over as chief executive officer in September, said in an emailed statement. “We are changing the way we do business.”

Compromised data from the October 2016 attack included names, email addresses and phone numbers of 50 million Uber riders around the world, the company told Bloomberg on Tuesday. The personal information of about 7 million drivers was accessed as well, including some 600,000 U.S. driver’s license numbers. No Social Security numbers, credit card information, trip location details or other data were taken, Uber said.

Source

Share
TAGS:

James Barnley

I’m the editor of the DomainingAfrica. I write about internet and social media, focusing mainly on Domains. As a subscriber to my newsletter, you’ll get a lot of information on Domain Issues, ICANN, new gtld’s, Mobile technology and social media.

Leave a Reply

Your email address will not be published. Required fields are marked *