Hackers plundered the personal data of 57 million Uber customers and drivers - but the app-based cab company covered up the breach for a year, paying the pirates to keep quiet instead, according to a new report.
Apart from this, personal information about seven million Uber drivers was accessed as well. The hackers stole names and driver's license numbers of around 600,000 drivers in the USA, as well as rider names, email addresses and mobile phone numbers.
In a blog post, Khosrowshahi said that a forensic examination internally revealed no indication that Social Security numbers, credit card details, or trip location had been lifted. The hackers found a trove of rider and driver data, downloaded it, and reportedly emailed the company demanding money.
The hackers also managed to download the names and driver's licence numbers of around 600,000 drivers in the US.
He also said the company has notified authorities.
There are at least five criminal probes into Uber, looking into alleged bribery, illicit software, pricing schemes, and theft of a competitor's IP. In 2014 the data of 50,000 Uber drivers was compromised in another hack. Khosrowshahi asked for Sullivan's resignation and fired Craig Clark, a lawyer who reported to Sullivan.
'The Good Place' Has Been Renewed for Season 3 at NBC
The Good Place is now on hiatus, but returns for the second half of season 2 on Thursday, January 4 at 8:30/7:30c. In fact, it grew "to a 2.6 in the key demo, a bump up from its 2.57 rating compared with this time last season".
Bloomberg first reported news of the hack. The hack didn't penetrate Uber's corporate systems or infrastructure, he said. In addition, the statement said the two individuals who led the company's response to the incident are no longer with the company.
Uber did not immediately respond to a request for comment. The company told Bloomberg West has been briefed on the cyberattack.
The data was compromised in October 2016, and Uber has managed to hide the breach for more than a year, according to Bloomberg. Uber hired Mandiant, a cybersecurity firm owned by FireEye, to investigate the hack. "We are monitoring the affected accounts and have flagged them for additional fraud protection", the Uber said.
Uber says it plans to release a statement to customers saying it has seen "no evidence of fraud or misuse" associated with the hack.