Uber has confirmed a massive data breach that took place a year-ago hacking attack that stole personal information about more than 57 million of the beleaguered ride-hailing service’s customers and drivers.
Uber’s new CEO Dara Khosrowshahi has now written a blog post explaining the security incident in detail. According to Uber chief executive Dara Khosrowshahi: “None of this should have happened, and I will not make excuses for it. While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes.”
Uber said it doesn’t think riders need to worry. The company thinks about 600,000 drivers were affected, and it’s offering them credit monitoring and identity theft protection.
According to Bloomberg, the hack cost Chief Security Officer Joe Sullivan and an associate their jobs because they sought to keep the hack quiet. Part of that effort, Bloomberg reported. It is also being reported that the many paid the hackers $100,000 to keep quiet and delete the data. Under European and Australian laws that will come into effect next year, that $100,000 is small fry compared to the millions of dollars it could cost them.
The breach happened under the watch of former chief executive Travis Kalanick, who knew about the cyberattack. His former deputy, chief security officer Joe Sullivan, a former federal prosecutor and senior Facebook executive, covered up the breach, the publication reported.