A combined total of 57 Million personal details was hacked late last year in October. The data consisted of 50 Million Uber Riders and 7 Million Uber Drivers.
The hackers broke in by scraping developer passwords off the popular development site Github. This allowed them to access a private data store that housed all of Ubers private data. They took the names, email addresses and mobile phone numbers of passengers and drivers. The thieves also nabbed the driver's licence numbers of 600,000 Uber drivers in the U.S.
Breaches happen all the time, and more recently with much greater frequency. What makes this case so upsetting is that Uber has withheld this information from the public, primarily the affected passengers and drivers. It's been over a year and victims of this may have unknowingly had to deal with such problems like identity theft. Especially those of the users that had their drivers license numbers stolen.
How did they get away with it for this long? They paid the hackers a hundred thousand dollars to keep quiet and delete the data.
Uber is offering the standard credit monitoring service for 1 year, too bad its 1 year too late. Better late than never they believe as they have a lot of brand reputation to repair as they have been on the bad side of the press in recent years. You can view the official press release from Uber at the following link
In unrelated news, Google led a Billion dollar investment round for Ubers primary competitor Lyft just two days ago. Coincidence? I think someone in Lyfts camp was going to leak this story forcing Uber to release a statement first. Gossip. Gossip.