Uber acknowledged on Tuesday that two individuals in October 2016 had accessed and downloaded data on 57 million Uber riders and drivers that was stored in a third-party infrastructure system. The company says none of its own systems were breached.
This included a payment of $100,000 to the two hackers who had accessed the data in exchange for their promise to keep quiet and delete the information, according to the report.
As part of the cyberattack, the names and driver license numbers of around 600,000 drivers were accessed, according to Uber. 57 million Uber users also had their information exposed, including names, emails, and mobile phone numbers, the company said in a blog post. Uber said other personal information including trip details or credit card information was not accessed.
As a result, Uber’s new CEO Dara Khosrowshahi has reportedly asked for the resignation of Uber’s Chief Security Officer, Joe Sullivan, and a lawyer who reported to him.
In July 2017, the global director of Uber, David Richter, stressed that Mexico City is the second city with more presence of the firm in the world.
Federico Ranero, director of the company in Mexico, said that currently Uber has 230 thousand active driving partners in Mexico and that the firm had the intention of doubling that figure in a period of a year and a half. The hack affected 7 million drivers globally.
The company globally issued a statement acknowledging that it was a mistake not to warn users and drivers about the hack, when they became aware in November 2016.
“None of this should have happened, and I will not try to justify it.” While I cannot erase the past, I can commit on behalf of every Uber employee we will learn from these mistakes We are changing the way we work, putting integrity in the center of every decision and striving to gain the trust of our customers, “company CEO Dara Khosrowshahi said in a blog post.