Uber concealed huge data breach - company confirms
| Updated Nov 22, 2017 at 6:23am
Uber concealed a hack that affected 57 million customers and drivers, the company has confirmed.
The 2016 breach was hidden by the ride-sharing firm which paid hackers $100,000 (£75,000) to delete the data.
The company's former chief executive Travis Kalanick knew about the breach over a year ago, according to Bloomberg, which first broke the news.
The hackers found 57 million names, email addresses and mobile phone numbers, Uber said.
Within that number, 600,000 drivers had their names and license details exposed.
Uber did not confirm precise details of the hack, but according to Bloomberg's report, two hackers were able to access a private area of Github, an online resource for developers.
From there it is understood they found Uber's log-in credentials to Amazon Web Services. AWS is a cloud computing service used by companies to store data.
As is often the case, it will likely be the cover up that proves more bothersome for Uber than the hack itself.
Companies are required to disclose significant data breaches to regulators, something it has by its own admission failed to do in this case.
Uber has form. In January it was fined $20,000 for failing to disclose a considerably less serious breach in 2014.
A resource page for those affected has been set up.
Drivers have been offered free credit monitoring protection, but per Uber's statement, affected customers will not be given the same.
In the wake of the news, Uber's chief security officer Joe Sullivan has left the company.
SOURCE: BBC News