Hundreds of Thousands in Singapore and the Philippines Affected in Uber Data Breach
In the USA, some 600,000 drivers’ license numbers were also downloaded by the hackers. There is no official number yet on how many Malaysian users are affected, although Uber Malaysia has already notified local authorities regarding the incident.
Uber did not publicly disclose the breach until last month. According to Uber, two hackers downloaded the data through the server of a third-party cloud-computing provider. Reportedly, the hackers demanded money to delete the stolen data, and Uber paid them US$100,000. If you are thinking that paying off extortionists doesn’t seem like the right thing to do, well, it turns out that the ride-hailing company is not the only one—the FBI and other private security companies told Reutersthat the number of companies paying off hackers is increasing.
Uber’s CEO at the time, Travis Kalanick, the Chief Security Officer, Joe Sullivan, and a deputy have since been ousted from the company (Kalanick’s departure in June was due to many more reasonsthat this). This leaves relatively new CEO, Dara Khosrowshahi, who was unaware of the scandal when he came on-board, to clean up the shit undo as much damage as possible. (“You may be asking why we are just talking about this now, a year later. I had the same question,” Khosrowshahi wrote in a blog post.)
Even though Uber insists that no credit card or bank account details were exposed, the situation is still very serious. Even with these limited information, you could be targeted by phone or email scammers, and become victim to identity theft; these seemingly simple set of information could help scammers to obtain even more vital personal data. Alas, this is the way the Brave New “Connected” World works today, where no data is 100% safe, no matter what kind of data protection law is enacted.