Hackers stole the personal data of 57 million customers and drivers from Uber Technologies Inc., a massive breach that the company concealed for more than a year. This week, the ride-hailing firm ousted its chief security officer and one of his deputies for their roles in keeping the hack under wraps, which included a $100,000 payment to the attackers.
Compromised data from the October 2016 attack included names, email addresses and phone numbers of 50 million Uber riders around the world, the company told Bloomberg on Tuesday. The personal information of about 7 million drivers was accessed as well, including some 600,000 U.S. driver’s license numbers. No Social Security numbers, credit card information, trip location details or other data were taken, Uber said.
I deleted my account a year ago or so — maybe more — and have not looked back. I refuse to do business with a company this evil, which tries to sweep all of its failures under the rug.
Dustin Volz, writing for Reuters:
“We’ve been building through the turmoil and challenges because we already had our mandate,” said Sullivan, who is a member of the executive leadership team that has been co-running Uber since Kalanick left in June.
An update to the app made last November eliminated the option for users to limit data gathering to only when the app is in use, instead forcing them to choose between letting Uber always collect location data or never collect it.
Uber said it needed permission to always gather data in order to track riders for five minutes after a trip was completed, which the company believed could help in ensuring customers’ physical safety. The option to never track required riders to manually enter pickup and drop-off addresses.
I’m pretty sure their backtracking on the issue is the result of #DeleteUber and other protests — they miscalculated.
Susan J. Fowler:
After the first couple of weeks of training, I chose to join the team that worked on my area of expertise, and this is where things started getting weird. On my first official day rotating on the team, my new manager sent me a string of messages over company chat. He was in an open relationship, he said, and his girlfriend was having an easy time finding new partners but he wasn’t. He was trying to stay out of trouble at work, he said, but he couldn’t help getting in trouble, because he was looking for women to have sex with. It was clear that he was trying to get me to have sex with him, and it was so clearly out of line that I immediately took screenshots of these chat messages and reported him to HR.
I cannot imagine anyone I know behaving in the fashion described by Susan. I don’t know her, I do believe her words, yet I cannot fathom how something like this could happen. I have long since stopped using their service and this piece just reaffirms my decision to do so was correct.