Uber has leaked personal information of 57 million passengers / drivers and paid money to hackers as a result


Uber, who is in trouble with legal matters, Uber has revealed that personal information of users and drivers had been stolen by hackers more than a year ago. In addition, Uber's person in charge at that time was paying 100,000 dollars (about 12 million yen) due to hacker's request, and the person involved in the incident is chasing Uber.

Uber Paid Hackers to Delete Stolen Data on 57 Million People - Bloomberg

Two hackers involved in the case were unlawfully accessed to GitHub used by Uber's software engineer first in November 2016, and using the login information acquired by Uber's software engineer, the Amazon Web Service AWS) account. Uber illegally acquired the personal information of 570,000 users and drivers saved by Uber and requested Uber for ___ ___ ___ 0 ___ ___ 0 The security officer at that time was afraid of the incident and said that he paid 100,000 dollars (about 12 million yen) as requested by hackers.

The stolen data includes the user's name, e-mail address, telephone number of 50 million people, and personal information of the driver of 7 million people, that is, 57 million people's personal information, The driver's license number of 600,000 American drivers is also included. However, it does not include social security numbers, credit card information in the United States, usage history of Uber, etc. in this.

It was the time when Uber had another problem of leakage of personal information when this outgoing play occurred. Originally there was an obligation to report the facts of the spill and take responses, but the person in charge at that time discards the data by paying ransom to the hacker and seeking not to say publicly about this matter. According to the incident, Uber said that the stolen information was not evident and that it did not disclose information on hackers.

It was Mr. Travis Caranic, who was co-founder and CEO of the company, who led Uber at the time of the incident. Mr. Caranic was informed about the incident when it was one month after the occurrence. Mr. Joe Sullivan, who was a security officer at that time, was a person who had a background from joining the Uber from the U.S. Attorney via Facebook, and was responsible for a series of judgments.

ByJD Lasica

Uber appeared as a groundbreaking ride sharing service, but as users expanded,Rape incident by registered driverAnd to interfere with the business of rival companiesSend lots of fake reservationsIn cases such as cases, and those in litigationSurvey using former CIA staffIt is a fact that the troubles were conspicuous in all over the world, including doing. Mr. Karanick also stressed the pressure from stakeholders that "Uber is put in a legal risk", so Mr. Caranic left the position of CEO in June 2017 and is now an officer .

Mr. Dara Koslochanshi, who took over as Mr. Caranic after taking over as CEO, said that it is his mission to change the climate of Uber, and with regard to this one case, "such an event should not have happened There is no intention to excuse me, Uber is at the stage of changing business way. "

in Note,   Web Application,   Security, Posted by darkhorse_log