On Tuesday Uber has confirmed that hackers stole personal details 57 million customers and drivers in a breach happened in 2016.Instead of reporting the breach Uber paid $100,000 to hackers in order to delete the data and keep quiet.
On Tuesday Uber has confirmed that hackers stole personal details 57 millioncustomers and drivers in a breach happened in 2016.Instead of reporting the breach Uber paid $100,000 to hackers in order to delete the data and keep quiet.According to Bloomberg the compromised data consist of names, email addresses and phone numbers of 50 million Uber riders around the world, personal information of 7 million drivers and 600,000 U.S. driver’s license numbersUber said that No Social Security numbers, credit card information, trip location details or other data was exposed in the breach.
You may be interested in reading: Database of Malaysian Phone Numbers Leaked – 2014 Online Breach!The breach reportedly occurred when two hackers discovered an archive in the Amazon web services account which contains information about riders and driversHackers were able to access the Amazon web services using the login credentials they obtained from a private GitHub coding site used by Uber software engineers.Then the hackers mailed uber for asking money.According to reports the company tracked down the hackers and made them sign a nondisclosure agreement and paid the amount.They also made it appear that the payment was part of a bug bounty program conducted by the company.
Read more on: AWS S3 Buckets Misconfiguration Exposes US military DatabaseThe chief security officer Joe Sullivan who has been fired and chief executive officer Travis Kalanick who was forced out in June were reportedly part of this deal.After the breach disclosure, New York Attorney General Eric Schneiderman has launched an investigation into the hack according to his spokeswoman Amy Spitalnick.Dara Khosrowshahi(who took over as chief executive officer in September) said in a company blog post that “None of this should have happened, and I will not make excuses for it,” “While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes. We are changing the way we do business, putting integrity at the core of every decision we make and working hard to earn the trust of our customers.”In January, Uber was fined with $20,000 for failing to disclose a breach which exposed the names and driver's licenses of more than 50,000 of the company’s drivers which happened in 2014.
Read more on: Threat Hunting – Smarter way to defeat the Hackers?