Uber Under Scrutiny For Breach

Uber is taking responsibility for a data breach in 2016 that exposed millions of its users to malicious hackers in an effort avoid prosecution.

Uber concealed breach

The concealed breach led to threat actors accessing and copying a trove of data “pertaining to approximately 57 million user records with 600,000 drivers’ license numbers” after using stolen credentials to access a private database.

“Uber Technologies has entered a non-prosecution agreement with federal prosecutors to resolve a criminal investigation into the coverup of a significant data breach suffered by the company,” said the DoJ, citing the FBI and US Attorney’s office that investigated the case.

New management didnt know

Uber didnt announce the incident to the Federal Trade Commission (FTC) for the first year, the point in which it was announced the company was under new management.

“Upon learning of the 2016 data breach, the new leadership team investigated and disclosed it to affected drivers, to the public, to law enforcement, and to foreign and domestic regulators, including state attorneys general and the FTC,” said the DoJ.

Filing a non-prosecution agreement on July 22 with the US Attorney’s office in northern California. Uber stated it admittance that its staff failed to report the breach when it occurred in November 2016, despite a pending investigation by the FTC into the controversial company.

Uber agrees to better measures

Confirming in October 2018, one year after finally admitting it, “Uber agreed to maintain a comprehensive privacy program for 20 years and to report to the FTC any incident reported to other government agencies relating to unauthorized intrusion into individuals’ consumer information.”

The agreement also claims that Uber “has invested substantial resources to significantly restructure and enhance the company’s compliance, legal, and security functions” since the incident.

Other issues

The US-based ride-hailing service platform has come under fire in recent years, and is banned in cities around the world amid claims it flouted local laws, duped police, and exploited violence against drivers.

Last weeks article is available here.

Share This Post:

Facebook
Twitter
LinkedIn
Pinterest
Email
WhatsApp
Alex Cunningham
Alex Cunningham
Alex is an information governance graduate, his main role is to support clients on how to help mitigate information security risks. Having recently graduated with a degree in Cyber Security with a focus on user-based security issues and risks. Alex enjoys playing video games, watching movies and going outside to visit new places with his dog Ruby.
What our clients say:
Subscribe to our newsletter

Sign up to receive updates, promotions, and sneak peaks of upcoming products. Plus 20% off your next order.

Promotion nulla vitae elit libero a pharetra augue
Subscribe to our newsletter

Sign up to receive updates, promotions, and sneak peaks of upcoming products. Plus 20% off your next order.

Promotion nulla vitae elit libero a pharetra augue