A year later, Uber confirms hack of 57M users' personal information
Hackers once obtained the personal information of 57 million Uber users, the ride-sharing company's CEO confirmed in a statement Tuesday.
Though the incident occurred in 2016, the company did not disclose it until now.
"You may be asking why we are just talking about this now, a year later," Uber CEO Dara Khosrowshahi wrote. "I had the same question, so I immediately asked for a thorough investigation of what happened and how we handled it."
Names and driver’s license numbers of around 600,000 U.S. users were exposed, Khosrowshahi said. The personal information -- including names, emails and phone numbers -- of 57 million worldwide users was also obtained.
Trip history, bank account numbers and credit card numbers were not affected, according to the statement. Users' social security numbers were also kept safe.
Afterward, Uber "took immediate steps" to contain the hack -- including obtaining "assurances the downloaded data had been destroyed," Khosrowshahi said. The company also implemented security measures surrounding the platform that had been compromised.
Beginning Tuesday, Uber plans to notify those affected and the relevant regulatory authorities. It is also looking into improving its security measures "going forward."
"None of this should have happened, and I will not make excuses for it," Khosrowshahi wrote."While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes."
Effective Tuesday, the company has dismissed Joe Sullivan, chief security officer, and one of his deputies. The statement identifies the pair as "two of the individuals who led the response to this incident."