On October 2016, Uber Technologies Inc. concealed a major data breach by paying one hundred thousand USD ($100,000) to hackers.

Uber Technologies Inc. is a global transportation technology company headquartered in San Francisco, California, United States, operating in 633 cities worldwide.  It develops, markets and operates the Uber car transportation and food delivery mobile apps.  Uber drivers use their own cars although drivers can rent a car to drive with Uber.

The year 2017 gave a series of setbacks to Uber.  Last January 2017. Uber taxi drivers held a protest against the company to lift surge pricing.  By March, it was exposed that Uber uses a tool to systematically deceive authorities in cities where Uber was violating local laws.  Furthermore, CEO Travis Kalanick resigned by June 2017.  This September 2017, Uber lost its London license to operate.

Uber concedes hiding a 2016 major data breach that uncovered the information of 57 million Uber clients and drivers, neglecting to unveil the hack to controllers or influenced people.  The organization paid a one hundred thousand USD $100,000 payment to the attackers to devastate the data and keep the rupture calm.

The attackers stole individual information of around 57 million Uber passengers and drivers worldwide including names, email locations and telephone numbers, and also the names and driver’s license of around 600,000 drivers in the United States.  The organization said more delicate data, for example, area information, credit card numbers, financial accounts, and birth dates, had not been traded off.

Now Uber CEO Dara Khosrowshahi has reportedly asked for the resignation of Uber Chief Security Officer Joe Sullivan, and one of his deputies, Craig Clark, who collaborated to conceal the attack.

The Uber company shall surely face numerous lawsuits and claims for damages.  While this is undeniably true, the affected individuals, who are drivers and passengers must find ways to remedy the breach of their credentials by changing account passwords, Uber app password, and discard of personal accounts if possible.

In addition, the Uber company also says that it is monitoring the affected accounts for fraudulent activity and that riders do not need to take any action against this incident.  Despite the company’s assurance, affected individuals must not be complacent and shall secure their exposed credentials themselves.


Manny Cuevas

My name is Manny Cuevas a Security Researcher / Engineer for about 15 years that focuses on Web and Mobile applications and other platforms from the Island of Sulu, Philippines. I’m also a scientist, inventor and a top ranked hacker in the world that bypass all security systems.


Leave a Reply

Your email address will not be published. Required fields are marked *