The company would have paid the hackers $ 100,000 to keep them quiet. An idea that came from the head of computer security, which has since been fired.
The end of the year looks tormented for Uber. The Californian company has just admitted to being the victim of a huge piracy in 2016. In a statement , the CEO explains that two hackers were able to access at the end of last year at one of its cloud storage spaces and steal the data from 57 million users worldwide.
Cybermalfrats got their hands on names, e-mail addresses and cell phone numbers. "According to our external court experts, shopping history, credit card and bank account numbers, social security numbers and birth dates have not been compromised," says Uber in a support note. . Hackers also stole the names and license numbers of 600,000 American drivers. However, Uber did not find "any fraud or abuse related to this incident" .
What makes this hacking so special is the fact that the company tried to hide it, according to Bloomberg . She should have immediately notified the regulators and the drivers, but she preferred to pay the hackers $ 100,000 to erase the stolen data and keep quiet about the case. At the time of this incident, Uber was in talks with the Federal Trade Commission to resolve various privacy issues. Disclosing 57 million user data would not have made things easy, that's for sure.
Uber and his dark side
The decision to hide the case would have been made by Joe Sullivan, the company's IT security manager. He and one of his deputies have just been fired. The pot of roses was discovered after an internal investigation led by Dara Khosrowshahi, who took the office of CEO in September 2017. The first mission that the new leader has given himself is precisely to clean up the culture entrepreneurial venture instilled by founder Travis Kalanick, which has generated practices sometimes at the limit of legality , such as the spying of employees. And Joe Sullivan was apparently a pillar of this nefarious strategy.
"None of this should have happened and I will not apologize for it. If I can not erase the past, I can assure you that we will learn from our mistakes. We will change the way we do business, base each decision on the principle of integrity and work hard to regain the trust of our customers, " concludes Dara Khosrowshahi in his statement. In the meantime, he will certainly face a new legal process. Following the revelation of this hacking, New York prosecutor Eric Schneiderman opened an investigation.
Source : Bloomberg
