Uber says the breach was carried out by an “unauthorized third party” and that it took steps to plug the leak once it had been discovered (which didn’t happen until September). It’s reached out to the drivers whose information was potentially siphoned off, offering them a free one year membership to an identity theft protection service as compensation.
“We are notifying impacted drivers, but we have not received any reports of actual misuse of information as a result of this incident,” explains Uber’s Managing Counsel of Data Privacy Katherine Tassi. “Uber takes seriously our responsibility to safeguard personal information, and we are sorry for any inconvenience this incident may cause. In addition, today we filed a lawsuit that will enable us to gather information to help identify and prosecute this unauthorized third party.”
50,000 users is not a huge number relative to other recent hacks — Uber describes it as “a small percentage of current and former Uber drivers” — but if you have been registered as a driver with the service then you’re going to want to check your bank statements for any suspicious activity. The ‘John Doe’ lawsuit filed by Uber is designed to gather information about the as-yet-unknown third party responsible for the hack.
Despite a few bumps along the road, Uber is continuing its expansion across the world, and may even be eyeing up the driverless car market. Our verdict? Despite the company’s faults, getting an Uber is still a lot better than climbing into a normal cab.
Editors' Recommendations
- The Uber hack is an outrageous tale of a teen hacking for fun
- Destructive hacking group REvil could be back from the dead
- Major Twitter hack in 2020 results in another arrest
- Tesla factories’ security cameras caught up in wider hack
- iPod hack puts 50 million Spotify songs in your pocket
