Uber has revealed that it was hacked last year and the company has also revealed that it paid the hackers to destroy the date taken in the hack. The company has announced that data from 57 million users was taken and also data from 600,000 of their drivers. The company paid the hackers $100,000.
The hack was kept quiet since it happened in October of 2016 and this week Uber has fired their chief security officer after the hack was kept quiet for more than a year. The news of this security breach was announced by the company’s new CEO Dara Khosrowshahi.
The data that was taken was names, emails addresses and phone numbers of 57 million Uber users, plus the names and drivers license number of 600,000 Uber drivers. The company has said that their own servers were not breach. The hack happened on a third party cloud service where some data was stored.
At the time of the incident, we took immediate steps to secure the data and shut down further unauthorized access by the individuals. We subsequently identified the individuals and obtained assurances that the downloaded data had been destroyed. We also implemented security measures to restrict access to and strengthen controls on our cloud-based storage accounts.
Uber are now making changes to make sure this does not happen again. Their new CEO appears to be on the ball and looks like he will be taking things like security seriously from his post, you can see the full press release at the link below.