Uber recognises need for consumer trust after breach cover up

Adjust Comment Print

Over half admitted that they weren't aware of the situation prior to being asked by Egress, however, having been made aware of the fact that Uber tried to cover up the breach, more than half (53 percent) of respondents say it has made them want to stop using the taxi app.

"Companies like Uber will not be able to hide the breaches of our personal data from us or face penalty", she said, without mentioning a sum for an European Union fine for Uber. Potential exposure under the NDB scheme is only likely to exacerbate the concerns, with significant penalties for Australian companies that fail to protect customers' PII or fail to quickly take appropriate steps after a breach.

As the United Kingdom data protection regulator has opened an investigation into the hack of customer and driver data at Uber, the maximum penalty could be about £500,000 ($662,350, €563,000) under current British law for organizations that fail to notify affected users and regulators when data breaches occur. Credit reporting service Equifax waited several months before revealing this past September that hackers had carted off the Social Security numbers of 145 million Americans.

Uber said it will individually notify drivers for the company whose license numbers were stolen.

"Effective today, two of the individuals who led the response to this incident are no longer with the company", he said.

He said the incident, which he had only recently learned of, did not breach our corporate systems or infrastructure.

Khosrowshahi criticized Uber's handling of its data theft in his blog post. The hackers then demanded money from Uber in exchange for their silence and to destroy all their swiped copies of the records.

More news: IGP reiterates 'commitment' to local militants who want to 'rejoin their families'

And the cyber-thieves made off with 600,000 U.S. driver records that included their license numbers.

Bloomberg reports that the breach involved two attackers accessing a private code site located on Github.

"None of this should have happened, and I will not make excuses for it", he wrote.

The San Francisco company ousted Travis Kalanick as CEO in June after an internal investigation concluded he had built a culture that allowed female workers to be sexually harassed and encouraged employees to push legal limits.

"While I can't erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes", Khosrowshahi said, adding, "We are changing the way we do business".

After Uber's disclosure Tuesday, New York Attorney General Eric Schneiderman launched an investigation into the hack.

The National Cyber Security Centre (NCSC) is investigating if this breach has affected Uber customers in the UK.