Uber Paid Hackers $100,000 or £75,000, To Delete 57M Stolen Data

Back in 2016, taxi service provider Uber experienced a massive hacking issue that affected nearly 50 million passengers and 7 million taxi drivers’ personal information, as confirmed by the company.

However, there are reports that it settled an amount of $100,000 to the hacking group to delete the millions of data they stole during that time.

According to the latest reported news through RT.com, Uber had paid the hacking group in order to request for deletion of the stolen information from its millions of drivers and passengers. The popular alternative taxi service provider spent almost $100,000 to settle the hackers last year.

Uber had reportedly requested the hackers to keep the data breach in secret.

To make sure that the company does lose the trust of its passengers and drivers, Dara Khosrowshani confirmed the issue about hacking in 2016 on Tuesday. They want to show transparency and honesty to the people about the data breach.

“I recently learned that in late 2016 we became aware that two individuals outside the company had inappropriately accessed user data stored on a third-party cloud-based service that we use,” said Dara as quoted by the reported news.

Khosrowshani is the new Chief Executive Officer (CEO) of Uber Technologies Inc.

From the published information through Bloomberg, the company spent about $100,000 to settle the two hackers and the agreement is that they will delete the stolen personal data such as email addresses, names mobile phone numbers and an estimated 600,000 numbers of driver’s licenses.

In line with this issue, the company made a decision to fire Joe Sullivan this week because he got involved to the massive data breach last year, which occurred last October in 2016, the report from Bloomberg added.

Joe Sullivan is the former Chief Security Officer of the company and such incident really affected his reputation.

To make sure the affected passengers and drivers are aware of the situation, Uber provided them with individual resource pages wherein they will have free credit monitoring as well as protection against identity theft, as detailed on the news online. The alternative taxi-provider however revealed that the history of locations, dates of births, credit card numbers, bank accounts and Social Security numbers of the affected individuals are not part of the data breach.

“The incident did not breach our corporate systems or infrastructure,” said the new CEO of the company.

“Our outside forensics experts have not seen any indication that trip location history, credit card numbers, bank account numbers, Social Security numbers or dates of birth were downloaded,” he continued.

Uber likewise stated through Khosrowshani that at least two persons became responsible for the massive hacking of the personal data. They already terminated them and one of them is the former Chief Security Officer Joe Sullivan as detailed above. The other involved person is a deputy officer of Sullivan.

According to the news published by express.co.uk, the former security officer of Uber made a decision to hide the issue as an effort to cover up the possible security and privacy scrutiny that might affect the company. This incident occurred during the discussions with the United States regulators that investigated the mishandling of the personal data of the affected passengers and riders.

The investigation started last October to determine the faults of Sullivan’s team, which caused the breach. Again, the new CEO wants a transparency to its valued drivers and passengers for the ongoing investigation.

Based on the investigation as reported online, the hacking groups made use of a code repository (GitHub) and this is similar what the engineering department of the company is using.

They successfully hacked the personal information through an Amazon cloud server.