Bloomberg reports the hackers also retrieved the personal information of around 7 million drivers for the company worldwide. For that reason, Uber will now pay for free credit-report monitoring and identity theft protection services for the affected drivers.
The attackers gained access to a private GitHub repository used by Uber software engineers and used login credentials which were available on the repository to access data on an Amazon Web Services account that was used to handle computing tasks. Uber says no Social Security numbers or location data was involved. However, the drivers license numbers of 600 000 drivers in the United States were compromised.
Uber's CEO Dara Khosrowshahi said in a statement he recently learned of the breach. And to Khosrowshahi's credit, he responded to knowledge of the security breach with the fury of someone who wants to make it clear that this kind of thing is unacceptable, and will not be tolerated.
Khosrowshahi also said that he can't erase the past but the company will learn from its mistakes.
"I'm just used to these breaches all the time; unfortunately it's a common occurrence", said traveler Ryan Eytcheson who was jumping in his Uber after flying in from Los Angeles.More news: Earth-mass temperate exoplanet found close by
Like this story? Share it!
Uber said it had fired its chief security officer, Joe Sullivan, and a deputy, Craig Clark, this week due to their role in the handling of the incident.
Under new data protection rules that come into force in the European Union next May, companies will have to identify and notify regulators of data breaches within 72 hours or face significantly increased penalties.
"If Uber did indeed secretly pay-off the hackers to keep the breach quiet, then a possible cover up of the incident is problematic and must be investigated", Pallone said in a statement.
Khosrowshahi made no mention of whether Uber riders whose information was hacked are being contacted.More news: Fowl play: Trump officially pardons Drumstick the turkey
Khosrowshahi took over the company in September after embattled Uber co-founder Travis Kalanick stepped down as CEO in the summer.
In early 2016, Schneiderman announced a settlement with Uber stemming from an investigation into the company's handling and protection of riders' personal information. Yet whatever comes of that investigation, Pilgrim - whose office will oversee the new Notifiable Data Breach (NDB) scheme from February 2018 - called the breach "a timely reminder to Australian businesses and agencies of the reputational vale of good privacy practice, and the reputational risks that can follow mishandling of personal data".
Uber also fired two employees who were responsible for providing information to hackers.
Bloomberg first reported news of the hack.More news: David Cassidy hospitalized with organ failure