Design World

  • Home
  • Technologies
    • 3D CAD
    • Electronics • electrical
    • Fastening & Joining
    • Factory automation
    • Linear Motion
    • Motion Control
    • Test & Measurement
    • Sensors
    • Fluid power
  • Learn
    • Ebooks / Tech Tips
    • Engineering Week
    • Future of Design Engineering
    • MC² Motion Control Classrooms
    • Podcasts
    • Videos
    • Webinars
  • LEAP AWARDS
  • Leadership
    • 2022 Voting
    • 2021 Winners
  • Design Guide Library
  • Resources
    • Subscribe!
    • 3D Cad Models
      • PARTsolutions
      • TraceParts
    • Digital Issues
      • Design World
      • EE World
    • Women in Engineering
  • Supplier Listings

Uber Tried Concealing Cyberattack Revealing Information On 57 Million Individuals

By Michael Luciano | November 22, 2017

Share

Ride-hailing company Uber Technologies Inc. has between 40-50 million active monthly riders, and is especially popular in major U.S. cities. When news of the company suffering a data breach that exposed personal data of over 57 million customers and drivers first surfaced, the story’s most unnerving part was Uber’s efforts at concealing the incident…which occurred more than one year ago.

Two hackers allegedly accessed a private GitHub coding site that Uber software engineers used. The cybercriminals then used login credentials attained from the site to access data stored on an Amazon Web Services account, which handled Uber’s computing tasks. Next, the hackers uncovered an archive containing an extensive directory of information on millions of customers and drivers. The hackers gained access to information that included names, email addresses, and phone numbers of over 50 million Uber customers worldwide.

Roughly seven million drivers had their personal data exposed, including license numbers of over 600,000 U.S.-based drivers. Despite the large quantity of information exposed, Uber claims personal data like social security numbers, credit card information, and trip location details wasn’t compromised. Upon emailing Uber with demands for money, the company reportedly issued a sum of $100,000 to the attackers.

In the wake of this story surfacing, Uber severed ties with Joe Sullivan, the company’s former chief security officer, along with one of his deputies for their efforts of concealing the data breach. A mix of state and federal laws make companies like Uber legally obligated to report these kinds of data breaches to regulators and drivers whose license numbers were exposed. Instead, Uber agreed to pay the hackers if they deleted any data they obtained. Uber claims none of the personal information accessed was ever used, and the company declined to reveal any information on the cybercriminals who facilitated the breach.

Travis Kalanick, one of Uber’s co-founders and CEO at the time, became aware of the data breach back in November 2016 (one month after it actually occurred). Sullivan (the company’s CFO at the time), who spearheaded a response to the incident, was with Uber since 2015 (previously with Facebook), and has been the focus of most decision-making that’s given Uber many of its recent publicity and ethical issues. Sullivan and his security team’s handling of (and failure to report) the data breach, are currently under investigation by Uber’s board of directors.

While this recent breach is the latest of numerous scandals to plague the transportation service, the cyberattack pales in comparison to the ones that happened to companies like Yahoo, MySpace, Target, Anthem, and (most recently), Equifax. What does stand out are the measures Uber took to conceal the breach, in spite of their legal obligations to report such incidents, and is making many people wonder what other incidents Uber might have swept under the carpet (and whether other companies might have pulled similar stunts).


Filed Under: M2M (machine to machine)

 

Related Articles Read More >

Part 6: IDE and other software for connectivity and IoT design work
Part 4: Edge computing and gateways proliferate for industrial machinery
Part 3: Trends in Ethernet, PoE, IO-Link, HIPERFACE, and single-cable solutions
Machine Learning for Sensors

DESIGN GUIDE LIBRARY

“motion

Enews Sign Up

Motion Control Classroom

Design World Digital Edition

cover

Browse the most current issue of Design World and back issues in an easy to use high quality format. Clip, share and download with the leading design engineering magazine today.

EDABoard the Forum for Electronics

Top global problem solving EE forum covering Microcontrollers, DSP, Networking, Analog and Digital Design, RF, Power Electronics, PCB Routing and much more

EDABoard: Forum for electronics

Sponsored Content

  • Industrial disc pack couplings
  • Pushing performance: Adding functionality to terminal blocks
  • Get to Know Würth Industrial Division
  • Renishaw next-generation FORTiS™ enclosed linear encoders offer enhanced metrology and reliability for machine tools
  • WAGO’s smartDESIGNER Online Provides Seamless Progression for Projects
  • Epoxy Certified for UL 1203 Standard

Design World Podcasts

July 26, 2022
Tech Tuesdays: Sorbothane marks 40 years of shock and vibration innovation
See More >
Engineering Exchange

The Engineering Exchange is a global educational networking community for engineers.

Connect, share, and learn today »

Design World
  • Advertising
  • About us
  • Contact
  • Manage your Design World Subscription
  • Subscribe
  • Design World Digital Network
  • Engineering White Papers
  • LEAP AWARDS

Copyright © 2022 WTWH Media LLC. All Rights Reserved. The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of WTWH Media
Privacy Policy | Advertising | About Us

Search Design World

  • Home
  • Technologies
    • 3D CAD
    • Electronics • electrical
    • Fastening & Joining
    • Factory automation
    • Linear Motion
    • Motion Control
    • Test & Measurement
    • Sensors
    • Fluid power
  • Learn
    • Ebooks / Tech Tips
    • Engineering Week
    • Future of Design Engineering
    • MC² Motion Control Classrooms
    • Podcasts
    • Videos
    • Webinars
  • LEAP AWARDS
  • Leadership
    • 2022 Voting
    • 2021 Winners
  • Design Guide Library
  • Resources
    • Subscribe!
    • 3D Cad Models
      • PARTsolutions
      • TraceParts
    • Digital Issues
      • Design World
      • EE World
    • Women in Engineering
  • Supplier Listings