Uber reportedly paid hackers $100,000 to cover up a cyberattack that exposed the personal data of 57 million people
Uber paid hackers $100,000 to cover up a 2016 cyberattack that exposed the personal data of 57 million people, including both riders and drivers, Bloomberg's Eric Newcomer reported Tuesday.
The data breach, which occurred in October 2016, was not made public until Tuesday when Uber quietly published a blog post about the incident. But Uber's former CEO Travis Kalanick was made aware of the breach just a month after it occurred.
"None of this should have happened, and I will not make excuses for it," Dara Khosrowshahi, who joined Uber as CEO in September, wrote in the post. "We are changing the way we do business, putting integrity at the core of every decision we make and working hard to earn the trust of our customers."
Among the info stolen was trove of data including the names, emails, phone numbers for 50 million riders globally, as well as the personal information of 7 million drivers. This included US driver's license numbers, but no Social Security numbers, according to Uber.
Two of the people responsible for Uber's handling of the breach are no longer with the company as a result of the findings, Khosrowshahi wrote in the post.
One of them is Joe Sullivan, Uber's chief security officer, who was asked by Khosrowshahi to resign, according to Bloomberg. Sullivan had previously worked at Facebook.
One of Sullivan's direct reports, a lawyer named Craig Clark, was fired, according to the report.
Uber did not immediately respond to a request for comment.
About Article Author