PITTSBURGH (KDKA) — Uber’s new CEO is apologizing, but that doesn’t change the fact that hackers stole the personal data of 57 million Uber passengers last year, along with the driver’s license of some 600,000 Uber drivers.
Compounding the problem, rather than report the hack to the authorities or their customers, Uber paid the hackers $100,000 to delete the data and keep the hack quiet.
Bloomberg’s tech reporter Eric Newcomer broke the story.
“The crazy thing definitely is that Uber didn’t tell anyone for more than a year,” said Newcomer.
Uber insists that the only thing hacked were names, email addresses, and phone numbers, adding, “Outside forensics experts have not seen any indication that trip location history, credit card numbers, bank account numbers, social security numbers, or dates of birth were downloaded.”
But skeptics wonder if that’s true and if the hackers really deleted what they stole.
“This incident is going to give any reasonable person pause about how much they can trust the company,” said Newcomer.
So what should Uber customers do?
Uber says, do nothing, insisting there’s nothing to worry about.
But local tech experts tell KDKA money editor Jon Delano that it never hurts to change your passwords, check your accounts for fraudulent activity, set up credit monitoring, and, finally, if you feel you’ve been hacked, call the credit agencies to freeze your credit.
Uber’s new CEO, Dara Khosrowshahi, wrote, “None of this should have happened, and I will not make excuses for it. We are changing the way we do business.”
“Dara, the new CEO, is trying to clean things up, but it’s going to take time,” noted Newcomer. “He needs to recruit new leaders and really change the culture, and that’s a big project.”