The Uber Hack and Why it is So Terrible

The Uber Hack and Why it is So Terrible

The popular transportation company, Uber, has been in the news lately for plenty of reasons, none of which have been positive. This time around Uber is in the news for being hacked… a year ago… and then attempting to cover it up by paying off the hackers with $100,000.

It is being reported that the personal data of 57 million customers and drivers has been stolen. Paying the hackers was Uber’s strained attempt at concealing the incident by having them destroy the data they had stolen. How Uber planned to verify this, or if they were just trusting the hackers to stick to their word is unclear.

Related: The Equifax Breach and What Went Wrong

The information stolen consisted of phone numbers, email addresses and names of Uber users, as well as the driver’s license numbers of 600,000 of their drivers. Though Uber claims they received assurance the information was destroyed, how can they really know for sure?

If the stolen records were not deleted, they will likely end up being sold on the dark web only to be abused by criminals without Uber ever becoming aware.

As for how the attack happened, the hackers accessed the information via a third-party, cloud-based service. From there they were able to find the username and password needed to access Uber’s user data stored on an Amazon server.

Even if the information was destroyed that certainly doesn’t mean other bad guys won’t try to exploit the situation, most likely by sending phishing emails cleverly disguised as legitimate communications from Uber. These phishing emails will attempt to get people to click on a link where their credentials can then be stolen – perhaps again.

Related: How Not to Fall for a Phishing Email

While the Uber hack is just one of many to occur in 2017, it certainly isn’t the biggest, the Equifax and Yahoo breaches were far larger. What makes this one different though is that they attempted to cover it up without notifying authorities or those affected, which is only going to add to the lengthy list of things Uber is going to have to address in an effort to repair their reputation.

Follow us on FacebookTwitter and LinkedIn and stay up to date on Hacks, Attacks & Cybersecurity by subscribing to our email list.

Posted by Jack Gerbs