Uber found themselves the victim of hackers, their response was inexcusable.
Last October Uber was hacked. The personal information of 50 million users and 7 million drivers was in the hands of hackers. Earlier in the year Uber had found themselves fined for $20,000 for not disclosing a breach in a timely manner. At the time of this hack, the company was dealing with other privacy related issues. Uber apparently didn’t treat these issues as learning experiences.
Instead of doing the right thing and disclosing the breach, they chose to pay the hackers, and keep the news of the breach private. Uber received assurances from the cybercriminals that hacked them that the personal information would be destroyed after payment of the ransom. Uber apparently believed them.
The news of the breach was kept quiet for over a year. New CEO Dara Khosrowshahi has confirmed the breach in a statement. “None of this should have happened, and I will not make excuses for it,” she wrote, “We are changing the way we do business.” I certainly hope so.
57 million individuals personal information was left in the hands of hackers. Who knows if that actually happened? I tend not to trust criminals. The company states they don’t believe that any of the information was used, but this is coming from a company with a history of seemingly ignoring laws and regulations. In this case, they chose to cover up a security breach, even as they were dealing with the repercussions of a previous breach.
Khosrowshahi stated that they are changing the way they do business. Good. Let’s hope she can really change the way they do things. Because the way prior CEO and co-founder Travis Kalanick was running the business was inexcusable.
Good luck in the future Uber. I’ll be calling a cab.