People enter the Uber Technologies Inc. headquarters building in San Francisco, California, U.S., on Wednesday, June 21, 2017. Travis Kalanick has resigned from his job leading Uber Technologies Inc., giving up his effort to hold onto power as a torrent of self-inflicted scandals enveloped him and the global ride-hailing leviathan he co-founded. Photographer: David Paul Morris/Bloomberg via Getty Images

Uber paid hackers to cover up massive data breach

Uber Technologies Inc paid hackers $100,000 to keep secret a massive breach last year that exposed the personal information of about 57 million accounts of the ride-service provider, the company said on Tuesday.

Discovery of the U.S. company’s cover-up of the incident resulted in the firing of two employees responsible for its response to the hack, said Dara Khosrowshahi, who replaced co-founder Travis Kalanick as CEO in August.

  Learn about the COVID-19 pandemic from News Hour  

“None of this should have happened, and I will not make excuses for it,” Khosrowshahi said in a blog post.

The breach occurred in October 2016 but Khosrowshahi said he had only recently learned of it.

The hack is another controversy for Uber on top of sexual harassment allegations, a lawsuit alleging trade secrets theft and multiple federal criminal probes that culminated in Kalanick’s ouster in June.

The stolen information included names, email addresses and mobile phone numbers of Uber users around the world, and the names and license numbers of 600,000 U.S. drivers, Khosrowshahi said.

Uber passengers need not worry as there was no evidence of fraud, while drivers whose license numbers had been stolen would be offered free identity theft protection and credit monitoring, Uber said.

Two hackers gained access to proprietary information stored on GitHub, a service that allows engineers to collaborate on software code. There, the two people stole Uber’s credentials for a separate cloud-services provider where they were able to download driver and rider data, the company said.

A GitHub spokeswoman said the hack was not the result of a failure of GitHub’s security.

“While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes,” Khosrowshahi said.

“We are changing the way we do business, putting integrity at the core of every decision we make and working hard to earn the trust of our customers.”

Bloomberg News first reported the data breach on Tuesday.

Khosrowshahi said Uber had begun notifying regulators. The New York attorney general has opened an investigation, a spokeswoman said.

Follow News Hour
News Hour Correspondent

This article has been posted by a News Hour Correspondent. For queries, please contact through [email protected]
No Comments
Scroll Up
%d bloggers like this: