Uber revealed Tuesday that hackers stole data on 57 million drivers and riders in October 2016, the ride-hailing company said on Tuesday
The hackers downloaded the names and licence numbers of six lakh drivers, Dara Khosrowshahi said.
Data included personal information such as names, email addresses and driver’s license numbers, the company said. Social Security numbers and credit card information, however, didn’t appear to have been compromised.
Ride-sharing firm Uber Technologies Inc failed to disclose a serious security breach in 2016 that responsible for the data of 5.7 crore customers. The company’s Chief Executive Officer Dara Khosrowshahi said in an official blog post on Tuesday.
Uber pay to Hackers
According to Report, Uber paid hackers $1,00,000 (Rs 6,47,70,00) to keep the breach a secret.
Khosrowshahi said the hackers were “two individuals outside the company” who “inappropriately accessed user data stored that we use on a third-party cloud-based service”.
However, he claimed that the incident did not breach the company’s corporate systems or infrastructure.
Khowsrowshahi also said that two employees responsible for the response to the data breach “are no longer with the company”. These two individuals are Chief Security Officer Joe Sullivan and his deputy Craig Clark.
This isn’t the first hack into Uber’s data. The company was hit with a cyberattack in May 2014. That put up to 50,000 former and current Uber drivers’ personal information at risk. Company was slow to reveal that attack too. It did not announce the attack until eight months after it was discover.
Uber has had a terrible year. And five separate Department of Justice investigations.
The company said, In its information page for drivers, Uber said it didn’t tell drivers right away when it found the problem. “We think this was wrong, which is why we are now taking the actions we’ve described”.
The chief executive officer said that while the names and addresses of customers were held responsible in the hack.
Forensic experts believe that there was no indication that other details. It is like trip location history, credit card numbers, bank account numbers, social security numbers or dates of birth were compromised.