5 things you must know about the Uber data breach if you are worried about it

  • 1

For any business, suffering a data breach is bad. But, not informing its customers about the breach is downright worse. And Uber, a global transportation app company, has made itself into a glaring example of the above statement.

Last Tuesday (21.11.2017), Uber Technologies revealed that hackers were able to compromise personal data of 57 million Uber accounts (riders and drivers) in a hack that took place back in October 2016. Even worse, the company paid the hackers $100,000 to delete the data and hush up the breach. In short, Uber users did not know until Tuesday that they might have been affected by the breach.

So, if you are a Uber rider or a driver or have used its services in the past, you should know about these 5 important things about the Uber data breach.

#1. What was stolen in the data breach?

The data breach affected 57 million accounts. Stolen data included:

  • Names
  • Email addresses
  • Phone numbers
  • Driver license information of about 600,000 drivers

#2. How did the breach happen?

The data that was stolen in the hack was stored on an external server of Amazon Web Services. And this data was illegally accessed by the attackers behind this breach. How? They used the login credentials of Uber employees, stolen from an account on GitHub, the software development platform.

#3. Who all are affected by the Uber data breach?

This is where it gets even worse. Uber hasn’t revealed the locations of the affected Uber accounts. However, it has confirmed that UK users are among them. The company hasn’t yet revealed any numbers though.

#4. Should Uber users be worried?

There is no reason why they shouldn’t. The data that was stolen in the breach is just the fodder cybercriminals need for crafting fully blown spam campaigns or engineering identity theft. In fact, according to a recent Tweet by renowned web security expert, Troy Hunt, phishing attacks leveraging the Uber data hack have already started.

#5. What can Uber users do then?

Although Uber has not fully revealed who were particularly affected in the data breach and where, it won’t be unwise to assume that you are among the affected ones. So, here are some things that you can do:

  1. Change your Uber login password. Create a strong, unique password that has uppercase and lowercase letters, numbers, and special characters.
  2. If you have added your credit/debit card to your Uber app, it’s not a bad idea to delete this information.
  3. Check your credit/debit card statements for any unknown transactions. Inform your bank if you find any.
  4. Most importantly, be careful of any emails or messages that look like they have been sent by Uber. As mentioned, phishing attacks have already begun where fake emails are asking users to click on a link to change their passwords.

Reactions on social media

For obvious reasons, people have expressed their rants after the news of the Uber data breach was out.

As of now, Uber is facing scrutiny by governments around the world including US, UK, Australia, and Philippines.

We will be updating this post when we come across fresh developments about the Uber data breach.



Content source:

Image source:


Rajiv Singha

Rajiv Singha

No Comments, Be The First!

Your email address will not be published.