Uber chose to pay hackers to hide a massive data breach

Share via

Instead, Uber allegedly paid the perpetrators a hefty sum to delete the evidence of said data breach, according to Bloomberg. Things have come full circle though, with new CEO Dara Khosrowshahi seemingly inheriting another issue instigated by predecessor Travis Kalanick.

Addressing the matter, Khosrowshahi said in a Guardian statement that while there was no excuse for the incident, he had “obtained assurances that the downloaded data had been destroyed” – and was already ramping up security efforts.

But despite his assurances, Sam Curry, chief security officer for Cybereason, believes “difficult consequences will need to follow” if the company hopes to retain some if its reputation.

“Uber paid a bribe to make the data breach go away and acted as if it was above the law,” Curry opined. “Those responsible for the integrity and confidentiality of the data had covered it up. This is a wake up call to the industry that those in charge of security have a responsibility not just to the companies that they work for, but the people whose data is affected.

“There should never be a grey area as to what the right thing to do is – a topic that needs to be further discussed.”

That more should have been done to prevent the situation is a view point numerous experts are taking. Jason Hart, CTO of data protection at Gemalto, for example, exclaimed Uber could have benefitted from faster disclosure and better use of data encryption. He also portrays a note of concern.

So close to the implementation of GDPR, it’s worrying that such high-profile companies don’t seem geared for the reporting process. The Uber case should thus serve as an example of the importance of transparency and accountability for businesses.

“Organisations won’t be able to get away with keeping breaches hidden or paying off hackers under the table from May 2018 onwards,” Ross Brewer, VP and MD EMEA at LogRhythm, said. “Going forward, bosses will need to be open and honest when breaches inevitably happen, and do their best to remediate the situation as quickly as possible, while making sure they disclose the breach within the short 72 hour window.

“Because, while the scale of this breach is incredible, it’s not the data breach itself which is causing the headlines, it’s the aftermath and how it’s been handled.”

[rb_inline_related]

Share this story

Uber paid hackers to hide a massive data breach

As said by Winston Churchill, never waste a good crisis

Why blockchain will innovate and grow the loyalty industry

Staff motivation: Techniques, examples and quotes from SMEs

Say goodbye to boring and make human jobs more creative

The importance of reference checking during the hiring process

Personalisation is the only thing that can save retail post Covid, says jeweller Roseanna Croft

30 annoying business jargon phrases and what they really mean

Sustainable IT solutions

Third time lucky? Chancellor Rishi Sunak announces October’s third economic support package

Essential software for the home office

Bestselling author publishes free e-book to normalise COVID-safe business travel protocol

Entrepreneurs work 63% longer than average workers

The importance of reference checking during the hiring process

SMEs: Use the Extinction Rebellion protests to beat your competitors

Call centres in the Philippines: Helping UK businesses stay competitive

Related articles