Uber 2016 data breach puts 600,000 drivers at risk

Uber 2016 data breach puts 600,000 drivers at risk
Uber 2016 data breach puts 600,000 drivers at risk
Posted at 5:12 PM, Nov 22, 2017
and last updated 2017-11-22 13:19:34-05

TALLAHASSEE, Fla. (WTXL) - We are learning more about a data breach of over 50 million Uber drivers that occurred in late 2016.

The start-up says two people outside the company accessed personal information, and asked for $100,000 to delete the data.

The hackers who accessed the personal data of 57 million Uber accounts in 2016 used an old school hacking method according to technology expert, Blake Dowling.

He says the hackers went into a coding site, called Get Hub, and allegedly impersonated Uber engineers. They were then able to gather login information to Amazon web services, gaining access to an Uber account, which lead to the private data of Uber drivers.

Dowling says mistakes and breaches are bound to happen in the technology field, and if they do the company should be honest about it.

"If the company is behaving badly, there is no way to protect yourself from that because there's laws in place to protect us," said Dowling, the CEO of Aegis Business Technologies. "But Uber chose to ignore those laws from what it would appear and by doing so, they have exposed their customers."

Dowling says dedicating a card for online purchases, having a firewall and anti-virus, as well as identity-theft monitoring, are all ways to protect yourself from cyber breaches.

Both Uber drivers and users were affected by the data breach, though Uber said in a press release that their experts have not seen "any indication that trip location history, credit card numbers, bank account numbers, Social Security numbers or dates of birth were downloaded."

The news isn't so uplifting for drivers, however, as Uber says the leaked driver information included the names, email addresses and mobile phone numbers related to accounts globally. In addition, the driver's license numbers of around 600,000 drivers in the United States were downloaded.

Uber is directly notifying the affected drivers and says they are offering free credit monitoring and identity theft protection. You can find out more here

So far, Uber says there's no evidence that the data taken has been misused.

The Associated Press reports that part of the reason nothing malicious has happened is because Uber acknowledges paying the hackers $100,000 to destroy the stolen information.