Thursday, November 23, 2017
Associated Press
SAN FRANCISCO
Uber is coming clean about its cover-up of a year-old hacking attack that stole personal information about more than 57 million of the beleaguered ride-hailing service’s customers and drivers.
So far, there’s no evidence that the data taken has been misused, according to a Tuesday blog post by Uber’s recently hired CEO, Dara Khosrowshahi. Part of the reason nothing malicious has happened is because Uber acknowledges paying the hackers $100,000 to destroy the stolen information.
The revelation marks the latest stain on Uber’s reputation. It also brought an investigation from New York’s attorney general and threats of larger-than-normal fines from British authorities for failing to promptly disclose the hack.
The San Francisco company ousted Travis Kalanick as CEO in June after an internal investigation concluded he had built a culture that allowed female workers to be sexually harassed and encouraged employees to push legal limits.
It’s also the latest major breach involving a prominent company that didn’t notify the people that could be potentially harmed for months or even years after the break-in occurred.
Yahoo didn’t make its first disclosure about hacks that hit 3 billion user accounts during 2013 and 2014 until September 2016.
Credit reporting service Equifax waited several months before revealing this past September that hackers had carted off the Social Security numbers of 145 million Americans.