Uber, the convenient ride-sharing app constantly has found itself amidst a new scandal. Recently it has come to light that Uber was the victim of a security breach that compromised over 57 million users with hackers gaining access to the names, addresses and driver’s license numbers of these customers. If that wasn’t bad enough this leak apparently happened in October of 2016, over a year ago and Uber has just now told the public. To make matters even worse, Uber reportedly tracked down the hackers and paid them off to delete the information they had gained, buying their silence.
Uber has been at the tail end of many horrible decisions over the years and this is just another one of them. Sure in the grand scheme of things this by no means the largest security breach to happen lately, nor are things like this rare but the actions taken by Uber after discovering the breach only paints them in a bad light. Not only did they not disclose the breach to the public but they payed off the hackers making them sign nondisclosure agreements as well as writing them off in the books as bug hunters (people who are hired by companies to test their software security). Actively taking every measure possible to sweep this incident under the rug and they may have succeeded had it not been for the recent change in company leadership.
Dara Khosrowshahi, who was made chief executive officer of Uber this past August, said he had only recently learned of the breach. In a company blog post he stated “None of this should have happened, and I will not make excuses for it.”
Not only was Uber extremely shady in their actions following the breach, they may have violated several laws regarding their interaction with the hackers. Because they demanded the hackers delete the information they had stolen they may have violated a Federal Trade Commission rule on breach disclosure that stops companies from destroying any forensic evidence. Several states also require that companies disclose to their companies if their customers have been affected by a breach and so they are under investigation from several states.
Uber has been very problematic lately and this latest stunt only further ruins their already blackened allegations. Their recent overhaul of company executives hopefully does them some good, and they can stop being so shady.