Uber Held Back Notification of Gigantic Data Breach
Uber covered up one gigantic global hack in which private data belonging to 57m vehicle hirers and car drivers were stolen during October 2016. The company failed to inform concerned people, including the regulators, it admitted November 21, 2017. Uber further substantiated that it had made a $100K payment to the hackers in exchange of erasing the stolen data while also hush up the hacking incident.
The information security group of Uber had its two members overlooking notifying customers about the theft of their data. These members quit the business that operated from San Francisco, said Uber chief Khosrowshahi. According to him, he just of late learnt about the outsiders who'd infiltrated one cloud-based server the company had to store data as well as download plentiful information. France24.com posted this, November 22, 2017.
As per Bloomberg, Github.com an online site that software engineers use acquired login details pertaining to information saved inside one Amazon Web Services A/C which Uber regulated. Inside that A/C the company discovered one archive having data pertaining to drivers and riders.
Hackers who executed the attack weren't high-tech - they invaded 2 Uber engineers' accounts via Github a coding website. On that site the attackers got the passwords that open certain repository of online data comprising personal information. Uber stated that further sensitive info like bank account or payment card numbers, birth dates, Social Security Numbers and location hadn't been compromised.
The intruders accessed some 7m drivers' personal information, among which were the license numbers of 600K U.S drivers. They, however, didn't take trip location particulars, Social Security Numbers, else other data. When the incident was occurring, the rider company was engaged in a discussion with United States regulators probing different kinds of privacy violations as claimed.
It is not a maiden hack into Uber or the company overlooked reporting it. Uber acquiesced with Eric Schneiderman Attorney General of New York for a settlement of AUD 26,000 in 2016. This settlement followed many months Uber took for reporting a data hack. The company acquiesced with paying $20,000 as penalty to AG Schneiderman and Uber's drivers over not notifying the breach on time.
» SPAMfighter News - 27-11-2017
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!