50 million Uber customers had their names, email addresses and phone numbers stolen while 7 million Uber drivers had their personal information stolen and compromised. The hack that affected 57 million Uber users was however not reported and it was concealed by the then CEO Travis Kalanick.
The cyber-attack that has been termed “costly” by the current CEO Dara Khosrowshahi. Cyber-attacks being the norm in technology companies and international brands, Uber was obligated to report the crime to concerned government bodies and security authorities. The company’s then Chief Security Officer Joe Sullivan paid hackers $100,000 to keep it a secret that no longer is….
Dara Khosrowshahi said he fired both Sullivan and his deputy, brought onboard a highly regarded cyber security expert as an adviser, and offered to pay for free credit-protection monitoring for the company’s drivers. “While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes,” said Khosrowshahi
Khosrowshahi who learnt about the hacking after being made CEO set off his duty with cleaning up after Kalanick under who the company got itself in a couple of messes including about 433 lawsuits filed this year alone, a $2.6 compensation demand by Waymo parent company , sexual harassment allegations, ongoing legal and regulatory battles in Europe that would see the company lose a maximum penalty of $662,000 for failing to notify users and regulators when data breaches occur…And of course, all this murkiness making it easier for competitors internationally , a rise that has continued to be seen after the invention of Uber.
The issues that have marred the company since saw the removal of Kalanick as CEO in June, but still sits on the board. Uber’s management has raised issues concerning his presence on the board yet he was aware of the cyber-attack and he did not move to act accordingly.
“You may be asking why we are just talking about this now, a year later. I had the same question, so I immediately asked for a thorough investigation of what happened and how we handled it. What I learned, particularly around our failure to notify affected individuals or regulators last year, has prompted me to take several security actions.” Said Khosrowshahi