Uber keeps running into trouble. The latest public relations black eye for the app-enabled car hiring service comes courtesy of a massive 2016 data breach.
Last week, the company revealed that two hackers had in October 2016 broken into a server used by the company and stolen names, email addresses and phone numbers of 50 million riders and 7 million drivers.
The data breach was bad enough. But, as with so many things related to Uber, management’s handling of the breach makes it worse. That’s because the company didn’t bother to tell users about the breach for a year after management there learned of it, according to TechCrunch.
On Tuesday, a year after it had learned about the breach, Uber informed the press that hackers had accessed the personal data of 57 million Uber users and drivers.
It said ~50M Uber riders were affected and around seven million drivers. Data accessed included names, email addresses and phone numbers in the case of Uber users. Some 600,000 US driver’s license numbers were also accessed. Uber has claimed no financial information leaked.
It also apparently paid $100,000 to the hackers to delete the data.
Uber also said some of the data involved users of its service outside the US, though it has not yet publicly provided a breakdown of specific affected markets.
The company’s lack of transparency has the potential to land it in hot water with European regulators. Reuters reports:
European Union privacy regulators will discuss ride-hailing app Uber‘s massive data breach cover-up next week and could create a task-force to coordinate investigations.
Uber faces regulatory scrutiny after CEO Dara Khosrowshahi said the company covered up a data breach last year that exposed personal data from around 57 million accounts.
The chair of the group of European data protection authorities – known as the Article 29 Working Party – said on Thursday the data breach would be discussed at its meeting on Nov. 28 and 29.
To learn more about PrintKiller Media, click here.