News has surfaced today that the ride-sharing company Uber suffered a massive breach last year. Personal information of about 57 million Uber customers and drivers was compromised. Instead of notifying its users at the first moment, Uber paid hackers to keep quiet.
Stolen data belonged to 50 million riders and 7 million drivers, containing names, email addresses and phone numbers. The drivers’ breached data also include 600,000 U.S. drivers’ license numbers.
Under California state law, Uber should have notified state residents of this breach. Since there are more than 500 residents affected, it should also have informed the attorney general. However, Uber attempted to cover up this breach by paying the hackers $100,000 to deleted the stolen data.
See detailed report:
1. Bloomberg: Uber Paid Hackers to Delete Stolen Data on 57 Million People
2. The Guardian: Uber concealed massive hack that exposed data of 57m drivers and user