On Tuesday, Uber revealed in a statement from newly installed CEO Dara Khosrowshahi that hackers stole a trover of personal data from the company's network in October 2016, including the names and driver's license information of 600,000 drivers, and worse, the names, email addresses, and phone numbers of 57 million Uber users.
As bad as that data debacle sounds, Uber's response may end up doing the most damage to the company's relationship with users, and perhaps even exposed it to criminal charges against executives, according to those who have followed the company's ongoing FTC woes. According to Bloomberg, which originally broke the news of the breach, Uber paid a $100,000 ransom to its hackers to keep the breach quiet and delete the data they'd stolen. It then failed to disclose the attack to the public—potentially violating breach disclosure laws in many of the states where its users reside—and also kept the data theft secret from the FTC.
Seriously. Isn't it Rule #1 to never pay ransom requests because they'll just keep going after you with threats when they know you're willing to pay? Man, I hope Uber suffers for how they handled this.
Post by pinkballoons on Nov 22, 2017 12:36:24 GMT -5
Would Khosrowshahi have known about how before he agreed to take the position? I just imagine someone stopping by his office one day with an, "Oh by the way, we paid off some hackers and never told anyone about it. Just so you know."