In October 2016 hackers stole the personal data including names, email addresses and mobile phone numbers of 57 million customers and drivers from Uber Technologies Inc.
This week, Uber Technologies Inc. paid hackers $100,000 to keep the hack under wraps, newly minted CEO Dara said in a statement on Tuesday.
Uber says that credit card details, trip location, security numbers, and other sensitive information were not stolen in the hack. The company didn’t find any evidence of fraud and drivers whose license numbers had been stolen would get free identity theft protection and credit monitoring.
Two hackers penetrated GitHub which is a private site used by Uber software engineers to obtain access to login credentials that were used to access an separate cloud-services provider. A collection of information of rider and driver was included in the AWS database which the hackers downloaded to ransom the company.
Two employees responsible for the hack were fired by the company. The company immediately took the steps to protect the data and shut down further unauthorized access by the hackers. It also developed security measures to boost controls on their cloud-based storage accounts, Khosrowshahi said.
Khosrowshahi said in a statement, “We are changing the way we do business, putting integrity at the core of every decision we make and working hard to earn the trust of our customers.”
Khosrowshahi also said that he can’t erase the past but the company will learn from its mistakes.