Uber Admits Truth About Data Breach Affecting 57 Million People

Photo: Courtesy of Uber.
For most of 2016, hackers had access to Uber's user data, including names, email addresses, and phone numbers. But the news didn't come to light until today, when the company let both users and drivers — whose information was also compromised — know through a blog post.
Why did it take so long? According to Bloomberg, Uber spent much of the time between late 2016 and 2017 paying off the hackers to keep the entire thing under the radar.
Chief Security Officer Joe Sullivan has been fired over the ordeal, which involved paying the pair of hackers $100,000 to delete the info they had stolen. Mashable notes that during the hack, Uber was actually in talks with U.S. regulators to discuss other privacy concerns. Legally, Uber has to let users know exactly what happened. Sullivan's failure to disclose the hack after finding it was part of why he was terminated.
Advertisement
The hackers got into the company's cloud storage using data on GitHub. After they accessed the archive of user data, they demanded cash from Uber.
Uber's current CEO, Dara Khosrowshahi, wasn't in charge when the incident went down. In the blog post, he assures users and drivers that the information wasn't actually used and that the company has taken the time to strengthen security in the cloud-based storage system that was breached.
"None of this should have happened, and I will not make excuses for it," Khosrowshahi said in a statement to Bloomberg. "We are changing the way we do business. While I can't erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes."
Khosrowshahi is offering free credit monitoring for the affected drivers and monitoring all the leaked accounts for fraud. Uber also hired Matt Olsen, formerly of the National Security Agency and director of the National Counterterrorism Center, to make sure that moving forward, everything stays on the straight and narrow.
Bloomberg reports that New York Attorney General Eric Schneiderman — who fined Uber $20,000 in 2014 for not disclosing a different privacy breach — has already launched an investigation to the hack.
Read These Stories Next:

More from Tech

Watch

R29 Original Series

Watch Now
Documentary
Five love stories behind diverse, multicultural marriages.
Watch Now
Lifestyle
Life experiments, 5 days at a time.
Watch Now
Fashion
The style of subculture.
Watch Now
Beauty
Viral trends, tried and tested.
Watch Now
Documentary
From vibrators to lipstick, learn how your favorite products are made.
Watch Now
Documentary
Extraordinary, one-of-a-kind individuals
Watch Now
Documentary
The latest stories to watch.
Watch Now
Lifestyle
Inside the homes of millennial women — & what they paid for them
Watch Now
Comedy
Let's talk about sex, baby.
Watch Now
Documentary
Female artisans around the world
Watch Now
Politics
Made by and for smart, opinionated women.
Watch Now
Film
We helped 12 female directors claim their power.