The hackers managed to obtain sensitive data of drivers and passengers online service Uber. In silence they paid the ransom.
Large-scale cyber attack was subjected to a popular online taxi service Uber, in which hackers managed to obtain sensitive data 57 million drivers and customers. To conceal the extent of the hacking, the company paid the fee of $100 million for his silence. This was announced by the publication Bloomberg, and later confirmed by representatives of Uber, thus attesting the theft of personal data of passengers and drivers.
In October 2016, Uber has been subjected to large-scale cyber attack which released confidential data of 57 million customers and drivers. But Uber made a big mistake — she concealed the fact of burglary. Moreover, tried to negotiate with the hackers, offering them a tidy sum for his silence. Former CEO Travis Kalanick was informed of the attack only a month after his clarification, but he never announced it to the public. The head of security Joe Sullivan and his team also concealed from all the fact of burglary. During the investigation, company officials and security services, in particular, was fired. So, the place is Sullivan, Matt Olsen, former chief consultant of the national security Agency and US Director of the National center for combating terrorism. But can we do this easier?
The company allegedly paid hackers a ransom of $100 million, to delete the information and not to publish stolen in the media or regulatory authorities. “None of this had to happen, and I won’t make excuses for it,” — writes in his statement, the current CEO of Dar Khosroshahi, which was replaced by Kalanick as CEO in September. “We are changing the way business is done”. But the company even now did not disclose the names of the kidnappers.
During a hacker attack information was stolen with personal data, i.e. names, email addresses and phone numbers of more than 50 million customers of the online service, and nearly 7 million personal data of drivers who cooperate with Uber.
How hackers managed to hack the server Uber? It turned out that very simple. Hackers with access to your public GitHub repositorium used by the engineers arrived and were able to collect private credentials to log on to the server cloud computing Amazon, which was stolen information. In addition to these confidential data, cybercriminals managed to get access to 600 thousand driver’s license, but, for some unknown reason, was not able to use them.
But further investigation will be, as the company Uber was forced to report the fact of a hacker attack to the Federal communications Commission and to the attorney General of new York. Those, in turn, carry out the necessary investigations. But the fact of the theft and hiding it from the public negatively affect the image of the online taxi service Uber.
By the way, he have enough problems in the United States. Recently in Colorado the company Uber was fined $8.9 million for what some of its drivers had previous convictions, some were deprived of their rights or fined for drunk driving. So with the image of the Uber in the US are in big trouble.