Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.


Status message

Start your free, no obligation 5-day trial to continue exploring with full access.

Regulators skeptical of Uber’s work to fix breach processes

Neil Hodge | December 18, 2017

Late last year taxi-app company Uber was hit with a huge data breach that saw the personal information of 57 million users around the world held to ransom by hackers, including that of nearly 3 million of the company’s customers and drivers in the United Kingdom. If that wasn’t bad enough, the company chose not to let anyone know about it, only making the breach public after journalists at Bloomberg broke the story.

The stolen data included customer names, e-mail addresses, and mobile phone numbers. So far, Uber’s forensics experts have not seen any indication that trip location history, credit card and bank account details, Social Security Numbers, or dates of birth were downloaded.

In itself, the data may be useless, as it contains no financial information. But that’s not the point: Uber was unable to keep it secure. And instead...

Read this single article for $49, or click the subscribe button below to review subscription options.

Enjoy unlimited access to thousands of articles, browse five years of digital magazines, qualify for reduced admission to events, and more.