Uber Paid Hackers $100000 to Hide a Major Data Breach
23 November 2017, 12:27 | Lionel James
Customer's email addresses and mobile phone numbers were compromised in the 2016 hack
The security of data stored in the cloud has come under scrutiny yet again as Australian information commissioner Timothy Pilgrim commences investigating global ride-sharing giant Uber in the wake of revelations that the firm paid hackers $132,000 to delete the stolen personally identifiable information (PII) of 57 million of its users.
The San Francisco-based startup confirmed a Bloomberg story on Tuesday that hackers stole the personal data of millions of users, including the names and driver's license numbers of 600,000 of its drivers, in October 2016.
This isn't his first run-in with the ride-hailing company - just previous year his office reached a settlement with Uber over its collection and use of riders' personal information and its delayed disclosure of a 2014 data breach.
The compromised data includes names, email addresses, and phone numbers of more than 50 million Uber riders and 7 million drivers around the world, according to a Bloomberg report. Uber said it had informed regulators around the world of the breach on Tuesday, as well as individually contacting the USA drivers whose license numbers had been taken. He was not at the helm when it happened. To further hide the damage, Uber executives also made it appear as if the payout had been part of a "bug bounty" - a common practice among technology companies in which they pay hackers to attack their software to test for soft spots.
As part of that settlement, Uber also paid a $20,000 fine for waiting to notify five months about another data breach that it discovered in September 2014.
"At the time of the incident, we took immediate steps to secure the data and shut down further unauthorized access by the individuals".
Khosrowshahi, meanwhile, is offering free credit monitoring for drivers whose personal info was stolen in the hack and has hired security expert Matt Olsen, a former staffer at the National Security Agency and director of the National Counterterrorism Center to help the company going forward. Regulatory authorities were being notified, the company added. Uber says no Social Security numbers or location data was involved.
The New York Attorney General's Office has also opened an investigation into the breach.
Khosrowshahi criticized Uber's handling of its data theft in his blog post. "We are changing the way we do business". "Interestingly here it's the fact that Uber covered up the breach that seems to have got people's backs up, clearly showing how important honesty is when dealing with such incidents".
Game recap: New Orleans Saints 34, Washington Redskins 31 in OT
The Redskins' Kurt Cousins then led his team down the field late in the quarter, connecting on a 16-yard TD pass for a 10-3 lead. In the third quarter, with a 4-point lead, the Redskins surprised the Saints with a fake punt deep in their own territory.
Longtime country singer, songwriter Mel Tillis dies
Many of those songs were recorded by other country music stars such as Kenny Rogers, George Strait and Ricky Skaggs. Respiratory failure was the suspected cause, but the singer had suffered from intestinal issues since early 2016.
When is Animal Crossing: Pocket Camp out on mobile?
The company announced Animal Crossing: Pocket Camp would arrive to mobile devices in fall 2016, but got pushed back to 2017. The other games were also paid titles, and so didn't have the same style of monetisation as this free-to-play title.
Net Neutrality Abolition Formally Proposed by FCC in the US
Following the circulation of Pai's draft order, his fellow Commissioners released separate statements regarding the matter. The FCC is scheduled to vote on the plan on December 14. "It throttles access, stalls opportunity, and censors content".