It sent patrons and users into fits of puzzled anger. It numbed a good many more who had placed mistaken faith in its operations. Rapacious, predatory Uber, a ride-hailing company famed for its international ruthlessness, had behaved accordingly. Last week, the firm revealed that it had received a massive hack in 2016, failing to notify customers and regulators that a breach of security had taken place.
The scale of the hack was far from negligible. Some 57 million customers were affected, their data obtained and held to ransom. This was not all. Officials at Uber, having decided against immediate revelation in favour of a deep freeze approach, went for an eyebrow raising option: paying off the culprits to the tune of $100,000. A dark deal was done: pretend it had never happened. The hackers walked away delighted.
Given the nature of such information hacks, the hide and seek option was never going to last. In a blog post, the company subsequently conceded that, “In October 2016, Uber experienced a data security incident that resulted in a breach of information related to rider and driver accounts.”
The data compromised involved names, email addresses and mobile phone numbers. Certain “forensic experts” were cited as claiming that no “trip location history, credit card numbers, bank account numbers, Social Security numbers or dates of birth were downloaded.”
Incoming chief executive Dara Khosrowshahi apologised with predictable…