SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
TOP Security!
7 Feb 2018

Uber says hackers behind 2016 data breach were in Canada, Florida

The two people who hacked ride-hailing firm Uber’s data in 2016 were in Canada and Florida at the time, a company security executive told a U.S. congressional committee on Tuesday.

About 25 million people whose data was compromised in the breach live in the United States, Uber Technologies Inc chief information security officer John Flynn said in written testimony to a Senate Commerce Committee panel.

Of those, 4.1 million were drivers, said Flynn, whose testimony described new details about the hack, the handling of which prompted newly appointed Uber Chief Executive Officer Dara Khosrowshahi to fire two top security officials. Uber disclosed the breach of 57 million worldwide users in November, about a year after it occurred. Experts reported in December that a 20-year-old man was primarily behind the breach, and that he was paid by Uber to destroy the data through a so-called “bug bounty” program, which is designed to reward researchers for uncovering security vulnerabilities.

Flynn confirmed the man who obtained data from Uber was in Florida and revealed that his partner, who first contacted the company on Nov. 14, 2016, to demand a six-figure payment, was in Canada.

Uber’s security team made contact with both people and received “assurances” the pilfered data had been destroyed before paying them $100,000, Flynn said. Sources familiar with the breach told in December the company did a forensic analysis of the Florida hacker’s computer to verify the deletions.

A Canadian Royal Canadian Mounted Police representative said she had no immediate comment on the case. Flynn said Uber had made mistakes, including paying the hackers through its “bug bounty” program. “We made a misstep in not reporting to consumers, and we made a misstep in not reporting to law enforcement,” Flynn said.

Republican and Democratic lawmakers admonished Uber for its delay in disclosing the breach. ”The fact that the company took approximately a year to notify impacted users raises red flags within this committee as to what systemic issues prevented such time-sensitive information from being made available to those left vulnerable,” Republican Jerry Moran said.

Democratic Senator Richard Blumenthal said Uber’s management of the hack was “morally wrong and legally reprehensible,” and that the company appeared to violate state rules for data breach disclosure. Compromised data includes names, phone numbers and email addresses but not Social Security numbers or credit card information of Uber users. Driver’s license numbers of 600,000 drivers were also compromised.

Tags:
hackers Uber information leaks
Source:
Reuters
1554
Other NEWS
3 Jul 2020 safeum news imgage An encrypted messaging service has been infiltrated by police
4 May 2020 safeum news imgage Two-Factor Authentication ​What Is It and Why You Should Use It
12 Dec 2019 safeum news imgage Encryption is under threat - this is how it affects you
4 Nov 2019 safeum news imgage Should Big Decisions Be Based on Data or Your Intuition?
7 Jun 2018 safeum news imgage VPNFilter malware infecting 500,000 devices is worse than we thought
4 Jun 2018 safeum news imgage Hackers target Booking.com in criminal bid to steal hundreds of thousands from customers
1 Jun 2018 safeum news imgage Operator of World's Top Internet Hub Sues German Spy Agency
30 May 2018 safeum news imgage US says North Korea behind malware attacks
29 May 2018 safeum news imgage Facebook and Google targeted as first GDPR complaints filed
25 May 2018 safeum news imgage A new reason to not buy these cheap Android devices
24 May 2018 safeum news imgage Flaws in smart pet devices, apps could come back to bite owners
23 May 2018 safeum news imgage Google sued for 'clandestine tracking' of 4.4m UK iPhone users' browsing data
21 May 2018 safeum news imgage LocationSmart reportedly leaked phone location data onto the web
18 May 2018 safeum news imgage The SEC created its own scammy ICO to teach investors a lesson
17 May 2018 safeum news imgage Thieves suck millions out of Mexican banks in transfer heist
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015