# Uber Concealed Cyberattack That Exposed 57 Million People’s Data



## ChinatownJake (Jan 3, 2016)

https://www.bloomberg.com/news/arti...rattack-that-exposed-57-million-people-s-data

_Compromised data from the October 2016 attack included names, email addresses and phone numbers of 50 million Uber riders around the world, the company told Bloomberg on Tuesday. The personal information of about 7 million drivers were accessed as well, including some 600,000 U.S. driver's license numbers. No Social Security numbers, credit card details, trip location info or other data were taken, Uber said.

At the time of the incident, Uber was negotiating with U.S. regulators investigating separate claims of privacy violations. Uber now says it had a legal obligation to report the hack to regulators and to drivers whose license numbers were taken. Instead, *the company paid hackers $100,000 to delete the data and keep the breach quiet*. Uber said it believes the information was never used but declined to disclose the identities of the attackers._


----------



## Irishjohn831 (Aug 11, 2017)

*Uber Concealed Cyberattack That Exposed 57 Million People's Data*
By 
Eric Newcomer
November 21, 2017, 4:58 PM EST

Company paid hackers $100,000 to delete info, keep quiet
Chief Security Officer Joe Sullivan and another exec ousted
Hackers stole the personal data of 57 million customers and drivers from Uber Technologies Inc., a massive breach that the company concealed for more than a year. This week, the ride-hailing company ousted Joe Sullivan, chief security officer, and one of his deputies for their roles in keeping the hack under wraps.

Compromised data from the October 2016 attack included names, email addresses and phone numbers of 50 million Uber riders around the world, the company told Bloomberg on Tuesday. The personal information of about 7 million drivers were accessed as well, including some 600,000 U.S. driver's license numbers. No Social Security numbers, credit card details, trip location info or other data were taken, Uber said.

At the time of the incident, Uber was negotiating with U.S. regulators investigating separate claims of privacy violations. Uber now says it had a legal obligation to report the hack to regulators and to drivers whose license numbers were taken. Instead, the company paid hackers $100,000 to delete the data and keep the breach quiet. Uber said it believes the information was never used but declined to disclose the identities of the attackers.

"None of this should have happened, and I will not make excuses for it," Dara Khosrowshahi, who took over as chief executive officer in September, said in an emailed statement. "We are changing the way we do business."

Hackers have successfully infiltrated numerous companies in recent years. The Uber breach, while large, is dwarfed by those at Yahoo, MySpace, Target Corp., Anthem Inc. and Equifax Inc. What's more alarming are the extreme measures Uber took to hide the attack. The breach is the latest explosive scandal Khosrowshahi inherits from his predecessor, Travis Kalanick.

Kalanick, Uber's co-founder and former CEO, learned of the hack in November 2016, a month after it took place, the company said. Uber had just settled a lawsuit with the New York attorney general over data security disclosures and was in the process of negotiating with the Federal Trade Commission over the handling of consumer data. Kalanick declined to comment on the hack.

Sullivan spearheaded the response to the hack last year, a spokesman told Bloomberg. Sullivan, a onetime federal prosecutor who joined Uber in 2015 from Facebook Inc., has been at the center of much of the decision-making that has come back to bite Uber this year. Bloomberg reported last month that the board commissioned an investigation into the activities of Sullivan's security team. This project, conducted by an outside law firm, discovered the hack and the ensuing cover-up, Uber said.

Here's how the hack went down: Two attackers accessed a private GitHub coding site used by Uber software engineers and then used login credentials they obtained there to access data stored on an Amazon Web Services account that handled computing tasks for the company. From there, the hackers discovered an archive of rider and driver information. Later, they emailed Uber asking for money, according to the company.

A patchwork of state and federal laws require companies to alert people and government agencies when sensitive data breaches occur. Uber said it was obligated to report the hack of driver's license information and failed to do so.

"At the time of the incident, we took immediate steps to secure the data and shut down further unauthorized access by the individuals.," Khosrowshahi said. "We also implemented security measures to restrict access to and strengthen controls on our cloud-based storage accounts."

Uber has earned a reputation for flouting regulations in areas where it has operated since its founding in 2009. The U.S. has opened at least five criminal probes into possible bribes, illicit software, questionable pricing schemes and theft of a competitor's intellectual property, people familiar with the matters have said. The San Francisco-based company also faces dozens of civil suits. London and other governments have taken steps toward banning the service, citing what they say is reckless behavior by Uber.

In January 2016, the New York attorney general fined Uber $20,000 for failing to promptly disclose an earlier data breach in 2014. After last year's cyberattack, the company was negotiating with the FTC on a privacy settlement even as it haggled with the hackers on containing the breach, Uber said. The company finally agreed to the FTC settlement three months ago, without admitting wrongdoing and before telling the agency about last year's attack.

The new CEO said his goal is to change Uber's ways. Uber said it informed New York's attorney general and the FTC about the October 2016 hack for the first time on Tuesday. Khosrowshahi asked for the resignation of Sullivan and fired Craig Clark, a senior lawyer who reported to Sullivan. The men didn't immediately respond to requests for comment.

The company said its investigation found that Salle Yoo, the outgoing chief legal officer who has been scrutinized for her responses to other matters, hadn't been told about the incident. Her replacement, Tony West, will start at Uber on Wednesday and has been briefed on the cyberattack.

Kalanick was ousted as CEO in June under pressure from investors, who said he put the company at legal risk. He remains on the board and recently filled two seats he controlled.

"While I can't erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes," Khosrowshahi said in the emailed statement.

Uber said it has hired Matt Olsen, a former general counsel at the National Security Agency and director of the National Counterterrorism Center, as an adviser. He will help the company restructure its security teams. Uber hired Mandiant, a cybersecurity firm owned by FireEye Inc., to investigate the hack.

The company plans to release a statement to customers saying it has seen "no evidence of fraud or misuse tied to the incident." Uber said it will provide drivers whose licenses were compromised with free credit protection monitoring and identity theft protection.


----------



## WaveRunner1 (Jun 11, 2017)

This is a lie. Uber SOLD personal info to marketers for additional money. A vile and shameful company.


----------



## ChinatownJake (Jan 3, 2016)

Irishjohn831 said:


> Company paid hackers $100,000 to delete info, keep quiet


Bottom line: the hackers in 2016 made more than all but the most well-recompensed Uber SUV and Lux drivers.


----------



## Irishjohn831 (Aug 11, 2017)

Was wondering why after signing us with Uber I get telemarketing calls from every country in every language. 

Someone in god knows where probably driving on my license, hopefully not with Uber so one of us is making $$


----------



## emdeplam (Jan 13, 2017)

Let's look at the facts people Uber is the victum here. Our angervshould be against the Russians! Uber losr 100k here...i mean thats a bonus for a staffer who may now go withoit


----------



## Irishjohn831 (Aug 11, 2017)

emdeplam said:


> Let's look at the facts people Uber is the victum here. Our angervshould be against the Russians! Uber losr 100k here...i mean thats a bonus for a staffer who may now go withoit


Your as crazy as your sunshine and fluffy clouds attitude.

Uber betrayed their drivers and customers by not notifying us.

They had no regard for the importance of security, and they are in it deep for assuring info has and always will be safe prior to and after this incident.

Wait and see how bad this gets for Uber


----------



## EpicSwoleness (Jun 21, 2017)

ChinatownJake said:


> Bottom line: the hackers in 2016 made more than all but the most well-recompensed Uber SUV and Lux drivers.


That CC guy would say that hackers made mad benjamins.


----------



## emdeplam (Jan 13, 2017)

Irishjohn831 said:


> Your as crazy as your sunshine and fluffy clouds attitude.
> 
> Uber betrayed their drivers and customers by not notifying us.
> 
> ...


That's where you are wrong. Did you read --> Uber was ROBBED! Those Russians hacked into their servers...its like a home invasion. On top of being violated they had to pay a ransom to PROTECT their / your customers!

I am proud to see that when it comes to principal Uber will open its wallet to do the right thing!


----------



## Bubsie (Oct 19, 2017)

I'd like to see at least a $100 million dollar fine for the shameful and wilful cover up.


----------



## SurgeWarrior (Jun 18, 2016)

ChinatownJake said:


> https://www.bloomberg.com/news/arti...rattack-that-exposed-57-million-people-s-data
> 
> _Compromised data from the October 2016 attack included names, email addresses and phone numbers of 50 million Uber riders around the world, the company told Bloomberg on Tuesday. The personal information of about 7 million drivers were accessed as well, including some 600,000 U.S. driver's license numbers. No Social Security numbers, credit card details, trip location info or other data were taken, Uber said.
> 
> At the time of the incident, Uber was negotiating with U.S. regulators investigating separate claims of privacy violations. Uber now says it had a legal obligation to report the hack to regulators and to drivers whose license numbers were taken. Instead, *the company paid hackers $100,000 to delete the data and keep the breach quiet*. Uber said it believes the information was never used but declined to disclose the identities of the attackers._


what about drivers licenses, insurance cards and vehicle vins?


----------



## MattMo81 (Oct 26, 2016)

https://nypost.com/2017/11/21/uber-paid-100k-ransom-after-57m-accounts-were-hacked/

Hackers plundered the personal data of 57 million Uber customers and drivers - but the app-based cab company covered up the breach for a year, paying the pirates to keep quiet instead, according to a new report.


----------



## Irishjohn831 (Aug 11, 2017)

emdeplam said:


> That's where you are wrong. Did you read --> Uber was ROBBED! Those Russians hacked into their servers...its like a home invasion. On top of being violated they had to pay a ransom to PROTECT their / your customers!
> 
> I am proud to see that when it comes to principal Uber will open its wallet to do the right thing!


No, Uber paid off hackers to not only enable them to continue, but it was hush money and Uber will not give them up.

They are protecting and rewarding the hackers to hide that their concern for others does not exist


----------



## Irishjohn831 (Aug 11, 2017)

Not a ransom, it’s hush money to hide breach that exposes Uber.


----------



## corniilius (Jan 27, 2017)

Glad this was before I came abored.


----------



## Ca$h4 (Aug 12, 2015)

Any mention of Class Action Lawsuit?


----------



## SurgeWarrior (Jun 18, 2016)

Im not surprised but I am appalled they didnt tell their “partners”


----------



## Ca$h4 (Aug 12, 2015)

*READ LAST LINE*: *" Uber said it will provide drivers whose licenses were compromised with free credit protection monitoring and identity theft protection." ANYONE GET A NOTICE YET?*

*Uber Paid Hackers to Delete Stolen Data on 57 Million People*
By
Eric Newcomer
November 21, 2017, 4:58 PM EST Updated on November 21, 2017, 6:19 PM EST

Company paid hackers $100,000 to delete info, keep quiet
Chief Security Officer Joe Sullivan and another exec ousted

Uber Buying 24,000 Volvo's in Driverless Car Push
Zimbabwe's Mugabe Steps Down After 37-Year Rule

Uber Paid Hackers to Keep Massive Cyberattack Quiet
Hackers stole the personal data of 57 million customers and drivers from Uber Technologies Inc., a massive breach that the company concealed for more than a year. This week, the ride-hailing firm ousted its chief security officer and one of his deputies for their roles in keeping the hack under wraps, which included a $100,000 payment to the attackers.

Compromised data from the October 2016 attack included names, email addresses and phone numbers of 50 million Uber riders around the world, the company told Bloomberg on Tuesday. The personal information of about 7 million drivers was accessed as well, including some 600,000 U.S. driver's license numbers. No Social Security numbers, credit card information, trip location details or other data were taken, Uber said.

"None of this should have happened, and I will not make excuses for it."

At the time of the incident, Uber was negotiating with U.S. regulators investigating separate claims of privacy violations. Uber now says it had a legal obligation to report the hack to regulators and to drivers whose license numbers were taken. Instead, the company paid hackers to delete the data and keep the breach quiet. Uber said it believes the information was never used but declined to disclose the identities of the attackers.









Dara Khosrowshahi

Photographer: Matthew Lloyd/Bloomberg
"None of this should have happened, and I will not make excuses for it," Dara Khosrowshahi, who took over as chief executive officer in September, said in an emailed statement. "We are changing the way we do business."

After Uber's disclosure Tuesday, New York Attorney General Eric Schneiderman launched an investigation into the hack, his spokeswoman Amy Spitalnick said.

Hackers have successfully infiltrated numerous companies in recent years. The Uber breach, while large, is dwarfed by those at Yahoo, MySpace, Target Corp., Anthem Inc. and Equifax Inc. What's more alarming are the extreme measures Uber took to hide the attack. The breach is the latest scandal Khosrowshahi inherits from his predecessor, Travis Kalanick.

Kalanick, Uber's co-founder and former CEO, learned of the hack in November 2016, a month after it took place, the company said. Uber had just settled a lawsuit with the New York attorney general over data security disclosures and was in the process of negotiating with the Federal Trade Commission over the handling of consumer data. Kalanick declined to comment on the hack.

Joe Sullivan, the outgoing security chief, spearheaded the response to the hack last year, a spokesman told Bloomberg. Sullivan, a onetime federal prosecutor who joined Uber in 2015 from Facebook Inc., has been at the center of much of the decision-making that has come back to bite Uber this year. Bloomberg reported last month that the board commissioned an investigation into the activities of Sullivan's security team. This project, conducted by an outside law firm, discovered the hack and the failure to disclose, Uber said.

Here's how the hack went down: Two attackers accessed a private GitHub coding site used by Uber software engineers and then used login credentials they obtained there to access data stored on an Amazon Web Services account that handled computing tasks for the company. From there, the hackers discovered an archive of rider and driver information. Later, they emailed Uber asking for money, according to the company.

A patchwork of state and federal laws require companies to alert people and government agencies when sensitive data breaches occur. Uber said it was obligated to report the hack of driver's license information and failed to do so.

"At the time of the incident, we took immediate steps to secure the data and shut down further unauthorized access by the individuals," Khosrowshahi said. "We also implemented security measures to restrict access to and strengthen controls on our cloud-based storage accounts."

Uber has earned a reputation for flouting regulations in areas where it has operated since its founding in 2009. The U.S. has opened at least five criminal probes into possible bribes, illicit software, questionable pricing schemes and theft of a competitor's intellectual property, people familiar with the matters have said. The San Francisco-based company also faces dozens of civil suits. London and other governments have taken steps toward banning the service, citing what they say is reckless behavior by Uber.

In January 2016, the New York attorney general fined Uber $20,000 for failing to promptly disclose an earlier data breach in 2014. After last year's cyberattack, the company was negotiating with the FTC on a privacy settlement even as it haggled with the hackers on containing the breach, Uber said. The company finally agreed to the FTC settlement three months ago, without admitting wrongdoing and before telling the agency about last year's attack.

The new CEO said his goal is to change Uber's ways. Uber said it informed New York's attorney general and the FTC about the October 2016 hack for the first time on Tuesday. Khosrowshahi asked for the resignation of Sullivan and fired Craig Clark, a senior lawyer who reported to Sullivan. The men didn't immediately respond to requests for comment.

Khosrowshahi said in his emailed statement: "While I can't erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes."

The company said its investigation found that Salle Yoo, the outgoing chief legal officer who has been scrutinized for her responses to other matters, hadn't been told about the incident. Her replacement, Tony West, will start at Uber on Wednesday and has been briefed on the cyberattack.

Kalanick was ousted as CEO in June under pressure from investors, who said he put the company at legal risk. He remains on the board and recently filled two seats he controlled.

Uber said it has hired Matt Olsen, a former general counsel at the National Security Agency and director of the National Counterterrorism Center, as an adviser. He will help the company restructure its security teams. Uber hired Mandiant, a cybersecurity firm owned by FireEye Inc., to investigate the hack.

The company plans to release a statement to customers saying it has seen "no evidence of fraud or misuse tied to the incident." Uber said it will provide drivers whose licenses were compromised with free credit protection monitoring and identity theft protection.


----------



## SurgeWarrior (Jun 18, 2016)

Wont pay the drivers a decent rate but hackers...well ok then!! 180 Days of Smiling while jamming into the backside of pax and drivers!!!


----------



## Jo3030 (Jan 2, 2016)

Wow. Paid hackers / thieves 100K but can't pay the drivers above 81 cents a mile!


----------



## unPat (Jul 20, 2016)

Jo3030 said:


> Wow. Paid hackers / thieves 100K but can't pay the drivers above 67 cents a mile!


Fixed that for you.


----------



## HighRollinG (Aug 13, 2017)

Jo3030 said:


> Wow. Paid hackers / thieves 100K but can't pay the drivers above 81 cents a mile!


Dude...like hackers compromised high tech cloud security and bagged 57 million records! You drive a car. -NO COMPARISON

Still time to go to coding school.

P.S. All in salary plus equity, Uber receptionist is making 100K so its change


----------



## Jo3030 (Jan 2, 2016)

HighRollinG said:


> Dude...like hackers compromised high tech cloud security and bagged 57 million records! You drive a car. -NO COMPARISON
> 
> Still time to go to coding school.
> 
> P.S. All in salary plus equity, Uber receptionist is making 100K so its change


Good idea, I may go to coding school.


----------



## 2Cents (Jul 18, 2016)

What a POS company...
We felt we didn't "need to take action..."


How about we all "take action" and we go off line on Thursday November 23,2017 at 8:00 PM for 22 minutes. Can you füberites commit to that. Or is 22 minutes too much to ask for?


----------



## Jo3030 (Jan 2, 2016)

Irishjohn831 said:


> Your as crazy as your sunshine and fluffy clouds attitude.
> 
> Uber betrayed their drivers and customers by not notifying us.
> 
> ...


Cant wait for the class action lawsuit.


----------



## empresstabitha (Aug 25, 2016)

2Cents said:


> What a POS company...
> We felt we didn't "need to take action..."
> 
> How about we all "take action and we go off line on Thursday November 23,2017 at 8:00 PM for 22 minutes. Can you füberites commit to that. Or is 22 minutes too much to ask for?


You mean thanksgiving? I have no plan to work it


----------



## emdeplam (Jan 13, 2017)

Just saw the headline, but Uber will be giving everyone insurance and a brand new identity! Good to know they have our backs!


----------



## Jo3030 (Jan 2, 2016)

Ca$h4 said:


> Any mention of Class Action Lawsuit?


Soon.


----------



## Rakos (Sep 2, 2014)

OMG!!!!

Paid off the hackers...

Butt...they wont pay us squat...???

They should have had a good security team...

This is UNFORGIVABLE!!!

Just when you think it couldn't..

Get any worse...this happens...

ONE YEAR AGO!!!

The monkey is officially PISSED OFF!!!

Rakos


----------



## ubercrashdummy (Mar 5, 2015)

Thread should be retitled, *"How to really make 100k with Uber"* and then featured.


----------



## Rakos (Sep 2, 2014)

ubercrashdummy said:


> Thread should be retitled, *"How to really make 100k with Uber"* and then featured.


A good security CISSP can be hired...

For not much more than that...

There are ways to secure the data...

Somebody was asleep at the wheel...

This is plain malfeasance!!!

The monkey is SO Pissed off!!!

Rakos
























PS. Get ready for the BIGGEST poop fight this world has EVER seen


----------



## BurgerTiime (Jun 22, 2015)




----------



## everythingsuber (Sep 29, 2015)

Uber and transparency just don't seem to go together. This is a company that believes it can IPO by getting creative to avoid disclosure of drivers income to investors.


----------



## SurgeWarrior (Jun 18, 2016)

Hope the state AGs are lining up if the DOJ isnt. After the years of rate cuts and games Uber plays I really hope this hurts them..yes, I will gladly cut off my nose to spite Ubers face!


----------



## Jo3030 (Jan 2, 2016)

SurgeWarrior said:


> Hope the state AGs are lining up if the DOJ isnt. After the years of rate cuts and games Uber plays I really hope this hurts them..yes, I will gladly cut off my nose to spite Ubers face!


Will they finally take off the kid gloves? I hope so.


----------



## SurgeWarrior (Jun 18, 2016)

Jo3030 said:


> Will they finally take off the kid gloves? I hope so.


I think the AGs are looking to slay goliath to score political points. Uber was hit for $9M for a few drivers in Colorado..imo this fk up will shake them to their foundation.

Btw: I called support to find out if I was included in the hack..the rep was a bit clueless which fired me up..he had the nerve to tell me to be professional..I started a profanity laced rant..eventually he came back on the phone and told me I was not involved but under no circumstances would I ever believe Uber until it was investigated by an outside LE agency.


----------



## Rakos (Sep 2, 2014)

SurgeWarrior said:


> I think the AGs are looking to slay goliath to score political points. Uber was hit for $9M for a few drivers in Colorado..imo this fk up will shake them to their foundation.
> 
> Btw: I called support to find out if I was included in the hack..the rep was a bit clueless which fired me up..he had the nerve to tell me to be professional..I started a profanity laced rant..eventually he came back on the phone and told me I was not involved but under no circumstances would I believe Uber until it was investigated by an outside LE agency.


Been doing this for three years...

I am so screwbered...

Rakos


----------



## MoreTips (Feb 13, 2017)

I hope this becomes the biggest story in the media over the next week. Watch another #DeleteUber push get going. Did they just think this would go away. Let's see, we can pay the thiefs and they promise to delete the stolen information. Another day at Uber.


----------



## Rakos (Sep 2, 2014)

MoreTips said:


> I hope this becomes the biggest story in the media over the next week. Watch another #DeleteUber push get going. Did they just think this would go away. Let's see, we can pay the thiefs and they promise to delete the stolen information. Another day at Uber.


And Uber believed them...

Yet it will take a pax's word over drivers...

He$$ NO!!!

Time for Uber to straighten up...

Wasn't Travis K at the wheel a year ago...

This isn't even on the news yet...

Rakos


----------



## emdeplam (Jan 13, 2017)

Rakos said:


> And Uber believed them...
> 
> Yet it will take a pax's word over drivers...
> 
> ...


No reason to scare the Japanese before the check cleared


----------



## SurgeWarrior (Jun 18, 2016)

emdeplam said:


> No reason to scare the Japanese before the check cleared


MAC clause!


----------



## Rakos (Sep 2, 2014)

HAHA....

They been trying to keep this quiet...

To not spook the new investors...

This could blow up Uber...WOW!

Get your nuclear glasses ready...
















Rakos


----------



## pdaddy (Jun 5, 2017)

What kind of decent hacker only asks for $100,000 ransom???


----------



## SurgeWarrior (Jun 18, 2016)

Rakos said:


> HAHA....
> 
> They been trying to keep this quiet...
> 
> ...


If he was able to, Harambe would have surely deleted his Uber account. #DeleteUber


----------



## observer (Dec 11, 2014)

MoreTips said:


> I hope this becomes the biggest story in the media over the next week. Watch another #DeleteUber push get going. Did they just think this would go away. Let's see, we can pay the thiefs and they promise to delete the stolen information. Another day at Uber.


There's a reason this news was released a couple days before Thanksgiving....


----------



## SurgeWarrior (Jun 18, 2016)

observer said:


> There's a reason this news was released a couple days before Thanksgiving....


Probably because there will be little impact on drunks going out Tgiving eve and drivers will go out to surf the surge.


----------



## Rakos (Sep 2, 2014)

pdaddy said:


> What kind of decent hacker only asks for $100,000 ransom???


The kind that know...

That this is a gift...

That keeps on giving...

Since WHEN can you trust hackers...???

Rakos


----------



## goneubering (Aug 17, 2017)

pdaddy said:


> What kind of decent hacker only asks for $100,000 ransom???


Some kid from Hungary. Just a guess.


----------



## Rakos (Sep 2, 2014)

goneubering said:


> Some kid from Hungary. Just a guess.


Why not do what everyone else is doing...

Blame the Ruskies...8>O

Rakos


----------



## goneubering (Aug 17, 2017)

Rakos said:


> Why not do what everyone else is doing...
> 
> Blame the Ruskies...8>O
> 
> ...


Great idea!!


----------



## ShinyAndChrome (Aug 18, 2017)

I have said time and again this is not a well run company. It is successful because of the concept, not because it is well run.


----------



## uberdriverfornow (Jan 10, 2016)

Rakos said:


> Why not do what everyone else is doing...
> 
> Blame the Ruskies...8>O
> 
> ...


Russia has never done anything to the US in our entire history. I hate communism as much as the next guy but don't fall for the Russia is the enemy propaganda.

All the Russian interference nonsense is all a diversion. You'll note they have never said "exactly" what it is that Russia did to interfere, meddle, or anything else. They keep is nice and general to make it work. Millions of Americans falling for it hook, line, and sinker.


----------



## majxl (Jan 6, 2017)

UBER is not a business I would entrust with my credit cards numbers and other personal informations.


----------



## Rakos (Sep 2, 2014)

majxl said:


> UBER is not a business I would entrust with my credit cards numbers and other personal informations.


Too late...!!!

Rakos


----------



## Jo3030 (Jan 2, 2016)

Um..
This is going to be ... NOT GOOD.


----------



## Rakos (Sep 2, 2014)

Jo3030 said:


> Um..
> This is going to be ... NOT GOOD.


Not sure where you got this...

Butt... it's PRICELESS...8>)

Rakos


----------



## Jo3030 (Jan 2, 2016)

FRAUD MODE, ENABLED!


----------



## Rakos (Sep 2, 2014)

Jo3030 said:


> FRAUD MODE, ENABLED!


Curious about how soon...

They are going to contact us...

About credit monitoring...

And protection from scammers...

Rakos


----------



## emdeplam (Jan 13, 2017)

Wow...this is going to make a Great movie!

Guess I need to get my resume to Lyft asap


----------



## Jo3030 (Jan 2, 2016)

Rakos said:


> Not sure where you got this...
> 
> Butt... it's PRICELESS...8>)
> 
> ...


https://www.nytimes.com/2017/11/21/technology/uber-hack.html


----------



## Rakos (Sep 2, 2014)

emdeplam said:


> Wow...this is going to make a Great movie!


Maybe they'll get Travis K...

To play himself...8>)

Rakos











Jo3030 said:


> https://www.nytimes.com/2017/11/21/technology/uber-hack.html


Thanks!

Rakos


----------



## SurgeWarrior (Jun 18, 2016)

emdeplam said:


> Wow...this is going to make a Great movie!
> 
> Guess I need to get my resume to Lyft asap


been rounding up documents and taking pics...need to renew registration tomorrow then Im all ready to upload!


----------



## JayBeKay (Oct 13, 2016)

Uber is gonna pay for this big time...just like Equifax did...oh wait a minute


----------



## ChinatownJake (Jan 3, 2016)

observer said:


> There's a reason this news was released a couple days before Thanksgiving....


The joke is on Uber, there. The quaint notion of "quiet times" of the week to dump ugly news is obsolete, IMHO. Night, day, weekend, holiday, if something major breaks, social media takes over from there.


----------



## Rakos (Sep 2, 2014)

ChinatownJake said:


> The joke is on Uber, there. The quaint notion of "quiet times" of the week to dump ugly news is obsolete, IMHo. Night, day, weekend, holiday, if something major breaks, social media takes over from there.


Along with a hand from UP.NET...

I know we are playing with fire...

Butt...Uber lit the match...8>O

Rakos









PS. Thinking this may...blow up the Internet


----------



## SurgeWarrior (Jun 18, 2016)

On the heels of this story..Lyft should really announce an IPO..buh bye Uber!


----------



## everythingsuber (Sep 29, 2015)

pdaddy said:


> What kind of decent hacker only asks for $100,000 ransom???


Probably a driver but maybe


----------



## 2Cents (Jul 18, 2016)

SurgeWarrior said:


> On the heels of this story..Lyft should really announce an IPO..buh bye Uber!


Lyft is just as bad... they just happen to have shiny sprinkles on top of their turd.


----------



## d0n (Oct 16, 2016)

Lol, they paid to keep the breach quiet, that's all.

Those hackers sold that info to India's telemarketing spammers.


----------



## KMANDERSON (Jul 19, 2015)

Jo3030 said:


> Cant wait for the class action lawsuit.


All that going to do is make a law firm millions.


----------



## Uberdancer (Mar 25, 2016)

_Uber made history and continues to do so by successfully disrupting *a stale and often corrupt taxi industry** across the world.* But as Uber supplants one form of corruption, it's clearly fallen victim to another. And if the company doesn't clean up its act, the good it's doing to unshackle people pinned down by the constraints of traditional transportation will be lost and left for its imitators to continue. _

_The latest bit of corruption dogging Uber came to light Tuesday as the company admitted that it hid the fact that hackers breached and gained access to 57 million user accounts. To make matters worse, Uber also now says it paid hackers $100,000 to delete the data and keep the breach quiet, and did not report the incident._

_In so doing, Uber moves from the lofty ranks of admirable disruptor to just another company doing what looks like a poor job or protecting its data and definitely doing a terrible job at handling the job of keeping its customers, investors, and the general public properly informed and prepared. This is essentially the same sin committed by Equifax, Target, Yahoo and many others. _

*"This is a company that doesn't just have your address and credit card information, but detailed data on your movements and general travel history."*

https://www.cnbc.com/2017/11/22/ubers-hacking-scandal-worse-than-equifax-commentary.html


----------



## vesolehome (Aug 2, 2015)

I would suspect a large number of Uber drivers have less than desirable credit. Not exactly a hackers goldmine.


----------



## SEAL Team 5 (Dec 19, 2015)

ChinatownJake said:


> _The personal information of about 7 million drivers were accessed as well, including some 600,000 U.S. driver's license numbers. No Social Security numbers, credit card details, trip location info or other data were taken, Uber said._


Uber also said "Make great money...Be your own boss..."


----------



## Uberdancer (Mar 25, 2016)

_*Uber's massive hack: What we know*_
_*Uber's disclosure that hackers accessed the personal information of 57 million riders and drivers last year, a breach it didn't disclose publicly until Tuesday, adds new potential legal woes for the already troubled company.*_
_... ... ..._
_ In terms of scale, Uber's hack doesn't measure up to other major breaches. Cyber criminals targeted Equifax earlier this year, compromising the personal information -- including names, addresses and social security numbers -- of over 145 million people. In 2013, a hack of Yahoo impacted very single account -- 3 billion in total. _

_ Former executives from both of these companies have testified in front of Congress in recent months regarding their security failures and the potential risks to consumers. _

_ But Uber's breach is different -- the company tried to cover it up and did not alert authorities or users of the issue. _

_ Consumers might find this latest Uber scandal more troubling than its other legal or public relations problems now that they're the victims. Fifty-seven million people is a significant chunk of Uber's user base, which hit 40 million monthly active riders last year. _

_ Grossman says the breach may not change consumer behavior, but it will be costly for the company._

*"At best, it will impact their bottom line. The cost of dealing with this -- they're going to have lawsuits and legal fees," Grossman said.*

_He also said the disclosure helps get it out in the open so the company can begin moving toward repairing its reputation._

_http://money.cnn.com/2017/11/22/technology/uber-hack-consequences-cover-up/index.html_


----------



## EpicSwoleness (Jun 21, 2017)

vesolehome said:


> I would suspect a large number of Uber drivers have less than desirable credit. Not exactly a hackers goldmine.


Actually...that is where you might be mistaken...the "subprime" credit market is huge, and all those $300 credit line/24.999% APR card issuers are always looking for more chumps.


----------



## d0n (Oct 16, 2016)

I wonder if last years/this years phone scam calls to gain access and wipe bank accounts had any tie to this event, they probably blame it on phishing but didn't those scam started happening en masse since last year?

This is why you disclose a hack Uber, at least they returned the money for those affected.


----------



## Brobaly (Oct 31, 2016)

How easy would it be for someone to gain access to specific driver's account during a trip? For instance, I pick up someone in a surge area of x2.5, and the pax gains access to my account on my device and makes it believe that it doesn't have access to the Uber servers. The ride ends, I contact Uber and they pay me for the calculated distance and don't include the surge pricing.

I'm asking this because I had a bizarre experience. I picked up a Russian guy during a surge and halfway through the trip, my Uber app displayed strange characters that appeared to be Russian, and the name of the rider was changed to something else, which makes me assume that he also masked his account's identity.



SurgeWarrior said:


> 180 Days of Smiling while jamming into the backside of pax and drivers!!!


So that explains where those painful sores around my rim came from.


----------



## Rakos (Sep 2, 2014)

Congrats Jake...your featured...8>)

Rakos


----------



## Jo3030 (Jan 2, 2016)

These people are beyond idiots.
This was done all w/ Travis Kalanick's blessing too.


----------



## gizmotheboss (Jul 5, 2017)

This ridesharing thing is just another legal pyramid scam for drivers. It one thing to get a judgment In your favor It is another thing to collect the money.


----------



## KMANDERSON (Jul 19, 2015)

Jo3030 said:


> These people are beyond idiots.
> This was done all w/ Travis Kalanick's blessing too.


Let see if he still on the board after this.


----------



## ChinatownJake (Jan 3, 2016)

Brobaly said:


> I picked up a Russian guy during a surge and halfway through the trip, my Uber app displayed strange characters that appeared to be Russian, and the name of the rider was changed to something else, which makes me assume that he also masked his account's identity.


Fascinating. Could also be that the account holder created the account in their foreign country, originally, and that either kicked in late or somehow crossed up the Uber app.

https://www.uber.com/ru/


----------



## jgiun1 (Oct 16, 2017)

EpicSwoleness said:


> Actually...that is where you might be mistaken...the "subprime" credit market is huge, and all those $300 credit line/24.999% APR card issuers are always looking for more chumps.


BINGO.....I bet the predatory lenders are watering at the mouth more than any of us for turkey and mashed potatoes and gravy.


----------



## Jo3030 (Jan 2, 2016)

*Uber is under investigation by multiple states over a 2016 data breach*
*Regulators around the country are questioning Uber for staying silent after the hack, which affected 57 million people.*

*https://www.recode.net/2017/11/22/16690556/uber-data-hack-57-million-state-investigation*

*New revelations that Uber suffered a major security breach in 2016 - and initially withheld details from drivers, riders and regulators alike - is touching off another round of government probes and customer lawsuits targeting the ride-hailing giant.

At least five states - Illinois, Massachusetts, Missouri, New York and Connecticut - told Recodethis week that they would investigate the matter, after Uber revealed on Wednesday that the intrusion affected 57 million customers, compromising names, addresses and driver's license numbers in some cases.

Meanwhile, Uber must contend with the possible threat of a new probe at the Federal Trade Commission. The agency, which acts as the U.S. government's top privacy and security watchdog, penalized Uber for its privacy and security practices just this August. But it may not have known that Uber had suffered a major security breach in 2016, even as they investigated the company at the same time for other, unrelated security missteps. For now, the agency merely said it's "closely evaluating the serious issues raised."

And some affected customers are similarly taking action. On Wednesday - hours after the breach became public - an Uber user filed a lawsuit accusing the company of negligence and deceptive business practices. The plaintiff, Alejandro Flores, is seeking to represent a class of affected riders and drivers alike.

Taken together, the repercussions for Uber's silence already seem vast. Once again, the ride-hailing company faces the threat of costly litigation and other stiff penalties or fines - all at a time when the tech giant is battling back a slew of other civil and criminal probes.

"We've been in touch with several state attorney general offices and the FTC to discuss this issue, and we stand ready to cooperate with them going forward," an Uber spokesperson said.

Hackers set their sights on Uber in late 2016, according to the company, while Travis Kalanick still led the company. By accessing a public repository of Uber data, two individuals were able to see - but perhaps not steal - personal information for 57 million Uber users around the world.

At the time, Uber suppressed information about the breach - and it paid the hackers a $100,000 ransom to delete the data they had obtained. Roughly a year later, though, new Uber CEO Dara Khosrowshahi opted to make information about the security incident public, along with an apology and a promise to improve the company's digital defenses.

But Khosrowshahi's mea culpa is unlikely to satisfy regulators.

For one thing, 48 states maintain some version of a law that requires companies that suffer a data breach to communicate what happened to consumers. In most cases, companies must disclose a security incident if hackers steal very sensitive customer data - such as driver's license numbers, which happened with Uber in late 2016.

To that end, the attorneys general in Illinois, Connecticut and New York have said they are probing the breach at Uber - perhaps with an eye on whether the company skirted state laws. The top prosecutors in other major states, like Pennsylvania and Florida, did not immediately respond to emails on Wednesday seeking comment. California's AG declined to comment.

If you have more info on Uber's security practices please reach out to Tony Romm or Johana Bhuiyan.

Tony Romm is the senior editor for policy and politics at Recode. He can be reached at [email protected], or on Signal, Confide, iMessage and WhatsApp at 215.779.9597.

Johana Bhuiyan is the senior transportation editor at Recode and can be reached at [email protected] or on Signal, Confide, WeChat or Telegram at 516-233-8877. You can also find her on Twitter at @JmBooyah.

State laws also form the basis of an emerging class action suit, which alleges that Uber's failure to disclose the 2016 breach runs afoul of notification rules in California, Illinois, Hawaii and others. For some of these states, such as Illinois, the rider information that was exposed doesn't require disclosure but the 600,000 driver's license numbers accessed do.

In the nation's capital, meanwhile, Uber faces the prospect of more pain.

Months earlier, the company brokered a draft agreement with the FTC to settle charges dating back to 2014 that it mishandled customers' data. In that fight, the agency contended that Uber had "deceived consumers" by allowing its employees to access riders' most personal information, including the details of their trips.

But Uber's settlement with the FTC isn't technically final; the commission still must vote on it. That opens the door for the agency perhaps to rethink the order, weigh new penalties or open another probe into Uber entirely as a result of this week's revelations. Some U.S. lawmakers explicitly urged the FTC on Wednesday to do precisely that.

10h
Richard Blumenthal

✔@SenBlumenthal
Replying to @SenBlumenthal
Consumers and drivers deserve better than Uber's appalling contempt for their personal information. This corporate malfeasance should be swiftly and strongly punished.


 https://twitter.com/i/web/status/933359351288467458Richard Blumenthal

✔@SenBlumenthal

I urge Federal Trade Commission to take swift enforcement action and impose significant penalties in response to Uber breach.

10:39 AM - Nov 22, 2017



33 Replies


2020 Retweets


3636 likes
Twitter Ads info and privacy

Perhaps complicating matters, the FTC in 2014 and 2015 specifically ordered Uber to preserve all documents and records related to privacy and security for investigators to review, according to copies of civil investigative demands sent to the company at the time and later obtained by Recode. Otherwise, the orders said, Uber could face additional civil or criminal liability. It is unclear how those demands might apply in a case like this one, where Uber did not disclose a breach in the midst of an unrelated investigation.

Asked about the matter, a spokeswoman for the FTC confirmed the agency is "aware of press reports describing a breach in late 2016 at Uber and Uber officials' actions after that breach." While the aide said the agency is "closely evaluating the serious issues raised," she did not elaborate on whether that amounted to an investigation.

Two sources, however, told Recode that Uber had briefed the agency on the matter in recent days.

Even abroad, Uber faces immense criticism - and perhaps additional scrutiny. A top regulator in the European Union on Wednesday highlighted Uber's handling of the breach to make the case for greater regulation of U.S. tech giants.

Much of the responsibility for fixing Uber's new troubles now falls to Tony West, the company's new chief legal officer. A former PepsiCo executive who served as the assistant attorney general of the Department of Justice under President Barack Obama, West is also tasked with overseeing Uber's fights in a wide array of other regulatory woes - including a federal probe on foreign bribery charges.
*


----------



## Mars Troll Number 4 (Oct 30, 2015)

glad i closed the debit account uber was paying me to...
the bad news train keeps digging dirt on uber,

Between that and all the money uber owes investors?










I think uber needs to start filing it's hole,


----------



## Wardell Curry (Jul 9, 2016)

Who is to say the hackers don't return and demand a higher ransom next time. Never negotiate with an enemy who is smarter than you. Smh.


----------



## unPat (Jul 20, 2016)

In light of things SoftBank should do a u turn and invest in lyft.



Wardell Curry said:


> Who is to say the hackers don't return and demand a higher ransom next time. Never negotiate with an enemy who is smarter than you. Smh.


Very true. Game of thrones is shooting multiple endings so that hackers can't leak them online and demand ransom.


----------



## negeorgia (Feb 1, 2015)

Jo3030 said:


> Cant wait for the class action lawsuit.


yeah, and that check for $11.73; 4 years from now. After the lawyer gets their millions.


----------



## BAKAD (Feb 22, 2016)

*Okay, now I know why I have been getting calls to my cell #. *

I use Google Voice for all my business and general calls so I can keep it on voicemail while driving. Only my family and a few friends have my cell number and of course Uber. Lately I have been getting sales calls on my cell and I was wondering who gave out my number. ​
*NOW I know! Shame on you Uber. I bet you sold our names and number for a few bucks beside the data breach. *

*This company keeps sinking to new lows. *​
* And still nothing but band-aids (180 days) for the drivers. NOTHING from the NEW CEO in bold moves it will take to turn this company around. *

_Hey NEW CEO, raise the prices, yes, you will shrink your market share but Uber will be heading for a profit. Get rid of Car POOL, it's a product no one likes the drivers and the riders. And it's cutting into your core product X. You are leaving $$$$ on the table with POOL.  Get rid of the bad drivers. Reward the ones with higher ratings and compliments from the riders. (Maybe the drivers will stay longer and your turnover will be less)  Get rid of the childish badges we are adults here. Create a loyalty program. _

I am wasting my time here. It's such a great concept with so much potential that TK has screwed up. I just wish the company would get its act together.


----------



## Jo3030 (Jan 2, 2016)

*Hackers Are Using Uber's 57 Million Account Data Breach to Steal Passwords*

*https://www.thedailybeast.com/hacke...illion-account-data-breach-to-steal-passwords*

JOSEPH COX
11.23.17 8:41 AM ET
Where there's a data breach, there's ample opportunity for scammers, even if they don't have access to the reams of stolen accounts.

On Tuesday Bloomberg reported that ride-sharing giant Uber covered up a 2016 breach of 57 million accounts, including names, email addresses and phone numbers of 50 million riders. Now, hackers are capitalizing on that news by sending potential Uber users specially crafted emails designed to steal their password.

"Our deepest apologies," reads an apparent phishing email, posted by IT trainer and consultant Dale Meredith to Twitter on Wednesday.

"You may have heard that Uber was compromised last year. We are sorry to inform you that your information was, unfortunately, confirmed to be part of the breach. Please click below to confirm you've received this message and change your password," the email continues, complete with fairly convincing Uber branding spread throughout the message. The email itself comes from "[email protected]," according to Meredith's screenshot, following a similar style of automated alert emails.

The phishing email even gives some half-decent security advice, presumably in an attempt to appear authentic: "As a security precaution, you'll want to change your passwords on all other online accounts you utilize, to prevent any further damage," it adds.

One part of the message may immediately ring some alarm bells though: Uber is apparently teaming up with its main rival Lyft, and offering affected customers $50 worth of Lyft credit.

"Just received an email from what is claiming to be Uber Canada apologizing for security breach and offering $50 credit to Lyft. Quite confident this is a phishing scam as it asks for password change," one user apparently from Toronto tweeted on Wednesday.

"I just got a phishing email from an email posing as Uber! Be careful!" Michelle Zilio, a reporter from The Globe and Mail, tweeted.

As Bloomberg reported, Uber paid the hackers $100,000 to delete the stolen data. The New York Times reported that Uber, after tracking down the hackers, pushed them to sign nondisclosure agreements. New York Attorney General Eric Schneiderman has opened an investigation into the incident.

Hackers who successfully obtain an Uber customer's password could do several things. They might decide to take a load of expensive trips on the victim's account-hacked Uber accounts have been used in China, Europe, the U.S. and elsewhere. Or, the hacker could sell the stolen details on the established, underground market of Uber accounts.

As Motherboard first reported back in 2015, Uber accounts are available on the dark web for as little as $1 each. Hackers even penned guides on how to more effectively use the accounts without getting caught, and, after a slew of other vendors entered the trade, the price of Uber details crashed to just 40 cents.

Of course, without access to the database of 50 million customers, scammers still need to figure out who might have an Uber account, so their phishing email goes to the right people. Although it's not clear how the scammers behind these recent phishing emails have determined that, The Daily Beast confirmed that trying to sign up to Uber with an email address which is already in use provides a handy error message. Attackers could theoretically grind through lists of emails exposed in previous data breaches, and check which ones are linked to an Uber account. Special software configured for different websites and services automates much of this process. With that being said, the hackers may also just be blasting their phishing emails randomly and broadly, hoping that they get some passwords in return.

Uber has not directly informed individual customers of whether they were impacted by the data breach. If this phishing email is the first a victim sees, it's easy to imagine at least some people inadvertently handing their password over to hackers.

"These emails aren't from Uber," company spokesperson Melanie Ensign told The Daily Beast. "We have multi-factor on by default for riders & drivers, but as always, you see anything suspicious on your account, you can contact us via the help center in the app or help.uber.com."


----------



## 2Cents (Jul 18, 2016)

Jo3030 said:


> *Hackers Are Using Uber's 57 Million Account Data Breach to Steal Passwords*
> 
> *https://www.thedailybeast.com/hacke...illion-account-data-breach-to-steal-passwords*
> 
> ...


✅Resolved

Thanks CSR


----------



## 2Cents (Jul 18, 2016)

Bubsie said:


> I'd like to see at least a $100 million dollar fine for the shameful and wilful cover up.


I'm sure the folks at Volks WübEnRon meant well...
Or are people going to start seeing this company for what it is, a ponzy?

#fübrn


----------



## 2Cents (Jul 18, 2016)

It has been reported this week that the popular rideshare service, Uber paid hackers a sum of $100,000 to keep a 2016 security breach a secret. When reached for comment former Uber CEO Travis Kelonick said he tried to give the hackers 5 stars but in the real world when you want something you must actually use money to pay for it...
Now you know how we feel when you tell passengers "tip is included" said every Uber driver ever.


----------



## Strange Fruit (Aug 10, 2016)

emdeplam said:


> That's where you are wrong. Did you read --> Uber was ROBBED! Those Russians hacked into their servers...its like a home invasion. On top of being violated they had to pay a ransom to PROTECT their / your customers!
> 
> I am proud to see that when it comes to principal Uber will open its wallet to do the right thing!


I'm sure the hackers kept their word and deleted the data they stole when they received the money.


----------



## SurgeWarrior (Jun 18, 2016)

Now being reported by NY Times that softbank was informed about the breach before customers and our new fearless leader knew for 2 months before going public! This company is about to have its lunch eaten.

After this I can guarantee there will be no fare increases anytime soon.

and I am happy to report..i am now active with Lyft so Uber can now lick my butt crack!


----------



## Leo1983 (Jul 3, 2017)

Irishjohn831 said:


> Your as crazy as your sunshine and fluffy clouds attitude.
> 
> Uber betrayed their drivers and customers by not notifying us.
> 
> ...


Pretty sure she was being sarcastic.


----------



## Jo3030 (Jan 2, 2016)

Uber Told Softbank about the back before telling EVERYONE ELSE!

*Uber Disclosed Hack to SoftBank Before Going Public*

*https://www.bloomberg.com/news/arti...closed-breach-to-softbank-before-going-public*

By 
Robert Fenner
November 23, 2017, 8:33 PM EST
Uber Technologies Inc. disclosed its massive data breach to prospective investor SoftBank Group Corp. before revealing the details to the public.

The disclosure came as SoftBank conducts due diligence on the ride-hailing company ahead of a potential investment, Uber said in an emailed statement. SoftBank, which may put as much as $10 billion into the company, declined to comment.

Uber faces investigation by regulators after disclosing earlier this week that it hid for more than a year the hacking of a vast amount of personal data from 57 million drivers and customers. The company ousted its chief security officer and one of his deputies for their roles in hiding the hacking, which included a $100,000 payment to the attackers.

"We informed SoftBank that we were investigating a data breach, consistent with our duty to disclose to a potential investor, even though our information at the time was preliminary and incomplete," Uber said in the statement. "We also made clear that our forensic investigation was ongoing."

Reuters reported Uber's disclosure to SoftBank earlier.

Uber said that once its internal inquiry was concluded and it had a more complete understanding of the facts, the data breach was disclosed to regulators and customers.

The compromised data from the October 2016 attack included names, email addresses and phone numbers of 50 million riders around the world. The personal information of about 7 million drivers was accessed as well, including the license numbers of some 600,000 U.S. drivers. No Social Security numbers, credit card information, trip location details or other data were taken, Uber said earlier this week.

- With assistance by Yuji Nakamura


----------



## El Janitor (Feb 22, 2016)

So that's why I keep getting those sales emails.


----------



## YourPrivateDriver (Jul 5, 2016)




----------



## driverdoug (Jun 11, 2017)

Thanks for this info. New York AG upset about this but it was Gov Cuomo opened NY on a silver platter to Uber. Funny. Like something smells.


----------



## Tihstae (Jan 31, 2017)

Rakos said:


> Since WHEN can you trust hackers...???


I trust them a LOT more than I trust Uber.


pdaddy said:


> What kind of decent hacker only asks for $100,000 ransom???


I think Uber left out some. I don't think that $100,000 was a one time payment but a continuing monthly payment.



Rakos said:


> Why not do what everyone else is doing...
> 
> Blame the Ruskies...8>O
> 
> ...


Damsel? Did you do this?


----------



## roadman (Nov 14, 2016)

sue them.


----------



## tohunt4me (Nov 23, 2015)

roadman said:


> sue them.


It was probably Uber Employees.

Hard to investigate when company hides the FACTS !


----------



## tohunt4me (Nov 23, 2015)

ChinatownJake said:


> https://www.bloomberg.com/news/arti...rattack-that-exposed-57-million-people-s-data
> 
> _Compromised data from the October 2016 attack included names, email addresses and phone numbers of 50 million Uber riders around the world, the company told Bloomberg on Tuesday. The personal information of about 7 million drivers were accessed as well, including some 600,000 U.S. driver's license numbers. No Social Security numbers, credit card details, trip location info or other data were taken, Uber said.
> 
> At the time of the incident, Uber was negotiating with U.S. regulators investigating separate claims of privacy violations. Uber now says it had a legal obligation to report the hack to regulators and to drivers whose license numbers were taken. Instead, *the company paid hackers $100,000 to delete the data and keep the breach quiet*. Uber said it believes the information was never used but declined to disclose the identities of the attackers._


Change story Headline to " UBER LIES TO 57 MILLION PEOPLE.
AGAIN !"


----------



## Just Another Uber Drive (Jul 15, 2015)

Ran across this and thought I'd pass it along:

"Hackers are taking advantage of Uber's security breach with this dangerous phishing email"

http://bgr.com/2017/11/24/uber-hack-phishing-email-security-breach/

_'Uber's* recently-disclosed security breach* is terrible news for the 57 million drivers and users caught up in the hack. The information stolen isn't terrible - mostly, just names, email addresses, and phone numbers - but Uber's response to the attach has been the problem._

_Even though the hack happened in 2016, Uber still hasn't contacted the users whose data was stolen, and hackers are now taking advantage of that elementary mistake._

_IT trainer and security consultant Dale Meredith posted an email he received on Twitter yesterday. It's a classic phishing email that appears to come from Uber, but with a unique twist - it's styled as the kind of apology email companies always send out after a data breach.

"Our deepest apologies," the letter starts out in Uber's recognizable font. It goes on to explain that "your information was, unforunately, confirmed to be part of the breach. Please click below to confirm you've received this message and change your password." If you click on that link, you get a page that asks for your old and new passwords._

_Once hackers have that information and your email address, they can get into your Uber account. And, because people are awful at recycling passwords across different websites, it also means that other accounts will probably be compromised with the "new" password too._

_As ever, this is a valuable lesson to never click on links in security emails, but instead go through the company's verified app or website instead. And, for Uber, it's a wakeup call that they really need to start taking this thing seriously.'
_


----------



## Fuzzyelvis (Dec 7, 2014)

Just Another Uber Drive said:


> Ran across this and thought I'd pass it along:
> 
> "Hackers are taking advantage of Uber's security breach with this dangerous phishing email"
> 
> ...


Uber giving out LYFT codes. Yeah, right.

How could that NOT be a scam?


----------



## SurgeWarrior (Jun 18, 2016)

Its starting..the states are starting to sue and the politicians are scheduling hearings. This is gonna be fun to watch...I dont wanna be all schadenfreude but this is awesome!

Hey Uber if you wanna know when you lost my support, it was right after your "winter thaw" lie!

Good Luck..we are rooting for the plaintiffs and eventually the prosecutors.

https://chicago.suntimes.com/news/chicago-cook-county-sue-uber-over-concealed-data-hack/

my favorite part:
The suit seeks a $10,000 fine "for each violation involving a Chicago resident . . . for each day such violation has existed and continues to exist."

57M x $10k x 365 = ky jelly justice!


----------



## Tihstae (Jan 31, 2017)

SurgeWarrior said:


> 57M x $10k x 365 = ky jelly justice!


I would prefer that Uber got justice without lubricant. They can take it dry. They won't cry!


----------



## SurgeWarrior (Jun 18, 2016)

Tihstae said:


> I would prefer that Uber got justice without lubricant. They can take it dry. They won't cry!


Reuters now reporting Waymo has requested delaying their trial after new evidence provided by DOJ!

I think rectal blood might be the lubricant of choice!

https://www.reuters.com/article/us-...secrets-trial-over-new-evidence-idUSKBN1DS02B


----------



## Yam Digger (Sep 12, 2016)

Irishjohn831 said:


> The breach is the latest explosive scandal Khosrowshahi inherits from his predecessor, Travis Kalanick.


Had Dara known what kind of snake-pit he was about to climb down into, would he still have taken the job?


ChinatownJake said:


> Bottom line: the hackers in 2016 made more than all but the most well-recompensed Uber SUV and Lux drivers.


I am soooooooo in the wrong line of work.


emdeplam said:


> Let's look at the facts people Uber is the victum here. Our angervshould be against the Russians! Uber losr 100k here...i mean thats a bonus for a staffer who may now go withoit


Unless Uber Corp staff info, including that of Kalanick himself, was included in those stolen files, I respectfully beg to disagree. In fact, at only 100 grand, I'd say Uber got off pretty lightly for its screw-up.


----------



## EpicSwoleness (Jun 21, 2017)




----------



## Mars Troll Number 4 (Oct 30, 2015)

SurgeWarrior said:


> Reuters now reporting Waymo has requested delaying their trial after new evidence provided by DOJ!
> 
> I think rectal blood might be the lubricant of choice!
> 
> https://www.reuters.com/article/us-...secrets-trial-over-new-evidence-idUSKBN1DS02B


That's quote of the day material there...


----------



## grams777 (Jun 13, 2014)

SurgeWarrior said:


> Its starting..the states are starting to sue and the politicians are scheduling hearings. This is gonna be fun to watch...I dont wanna be all schadenfreude but this is awesome!
> 
> Hey Uber if you wanna know when you lost my support, it was right after your "winter thaw" lie!
> 
> ...


Could indeed be quite a line of lawsuits since 48 states have specific laws about disclosing these events.

Good summary of state laws here:

https://www.bakerlaw.com/files/Uploads/Documents/Data Breach documents/State_Data_Breach_Statute_Form.pdf

Fortunately for Uber many of the penalties are capped per event in each state.

Of course, that's just the United States.


----------



## tohunt4me (Nov 23, 2015)

SurgeWarrior said:


> Reuters now reporting Waymo has requested delaying their trial after new evidence provided by DOJ!
> 
> I think rectal blood might be the lubricant of choice!
> 
> https://www.reuters.com/article/us-...secrets-trial-over-new-evidence-idUSKBN1DS02B


Rectal blood is Attracting the Sharks.


----------



## ClydeClyde (May 8, 2017)

Just got a letter from Uber in the mail. They are v sorry. Anyone else get this?


----------



## SurgeWarrior (Jun 18, 2016)

ClydeClyde said:


> Just got a letter from Uber in the mail. They are v sorry. Anyone else get this?


What did it state? Were you impacted? I called them the night it was announced and was told I wasnt included..can you take a pic (hide your personal info) and post it?

Thanks


----------



## ABC123DEF (Jun 9, 2015)

emdeplam said:


> That's where you are wrong. Did you read --> Uber was ROBBED! Those Russians hacked into their servers...its like a home invasion. On top of being violated they had to pay a ransom to PROTECT their / your customers!
> 
> I am proud to see that when it comes to principal Uber will open its wallet to do the right thing!


HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!!!!!!!!!!!!!!!!!


----------



## ClydeClyde (May 8, 2017)

SurgeWarrior said:


> What did it state? Were you impacted? I called them the night it was announced and was told I wasnt included..can you take a pic (hide your personal info) and post it?
> 
> Thanks


Yep, here it is









ETA: The files are too big and compressing them makes them unreadable. Full size pics are on my google drive -https://drive.google.com/drive/folders/1rmKafH5MDBVpMAYpmnbBnOaEkX8wOodi?usp=sharing


----------



## 2Cents (Jul 18, 2016)

SurgeWarrior said:


> Its starting..the states are starting to sue and the politicians are scheduling hearings. This is gonna be fun to watch...I dont wanna be all schadenfreude but this is awesome!
> 
> Hey Uber if you wanna know when you lost my support, it was right after your "winter thaw" lie!
> 
> ...


There is 57Million people in Chicago?
Wow, that's a lot of people...


----------



## tohunt4me (Nov 23, 2015)

SurgeWarrior said:


> What did it state? Were you impacted? I called them the night it was announced and was told I wasnt included..can you take a pic (hide your personal info) and post it?
> 
> Thanks


You believe that ?
You believe Them ?


----------



## 2Cents (Jul 18, 2016)

Hopefully that 365 Billion Dollar fine puts them out of business and no investor puts another dollar in. Even if they settle the fine at 30 Billion they shouldn't be able to offset it by offering rides.


----------



## SurgeWarrior (Jun 18, 2016)

tohunt4me said:


> You believe that ?
> You believe Them ?


fk no i dont believe them!


----------



## Argantes (Dec 12, 2015)

ClydeClyde said:


> Just got a letter from Uber in the mail. They are v sorry. Anyone else get this?


I got this letter as well, weird thing was that my brother who lives with me got the same letter even though he never signed up for Uber. could this be maybe a new scam?


----------

