Uber admits database breach putting driver data at risk

Uber said it is notifying impacted drivers now, but it hasn't seen the compromised data actually misused yet.

For a startup that only seems to see its valuation go up (in the billions, no less), there always seems to be bad news involving Uber these days.

The popular ride-hailing service revealed late on Friday that its databases had been compromised last year.

Last September, Uber discovered the "one-time" incident of unauthorized accident, which was said to have taken place last May, according to a memo issued by the San Francisco-based company.

Katherine Tassi, Uber's managing counsel for data policy, asserted in the announcement that Uber "immediately changed the access protocols for the database and began an in-depth investigation."

The investigation discovered that "a small percentage" of current and former Uber driver data (including names and driver's license numbers) were stored in the database that was compromised.

That small percentage consisted of roughly 50,000 drivers across multiple states.

However, Uber hasn't been able to identify the culprit(s) just yet.

Tassi added Uber filed a "John Doe" lawsuit in order to gather further information with the hopes of locating the aforementioned unauthorized third party.

Uber said it is notifying impacted drivers now, but insisted it hasn't seen the compromised data actually misused yet.

Uber also pledged to offer impacted drivers with a free year of membership to Experian's ProtectMyID Alert for identity theft protection services.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All