Uber data breach affecting 57 million users in 2016 came from hacker in Canada

The Canadian Press
Wednesday February 07, 2018
Written by The Canadian Press
TORONTO — One of the hackers involved in stealing data connected to 57 million Uber users in 2016 was located in Canada.

The ride-hailing company revealed the hacker reached out to the company in November 2016, asking for a “six-figure payment,” but it was an accomplice in Florida, who it believes actually obtained the stolen data, which included names, email addresses and mobile phone numbers.

The revelations are part of a statement the company's chief information security officer John Flynn made to a U.S. subcommittee handling consumer protection and data security on Tuesday.

They offer a glimpse into a chapter of Uber's history that has been mired in controversy since the company admitted it tried to cover up the breach for more than a year by paying the hackers $100,000 to destroy the information.
 
“It was wrong not to disclose the breach earlier,” Flynn admitted Tuesday. “The company is taking steps to ensure that an incident like this does not happen again, with personnel changes and additional remedial actions.”
 
In the wake of the scandal, the company fired chief and deputy security officers and faced a formal investigation from the federal privacy commission.

Flynn did not say how many Canadians were affected by the breach, but said approximately 25 million Americans were impacted.

For nearly all users, the downloaded files included names, email addresses and phone numbers, but Uber has yet to find any proof that trip location history, credit card numbers, bank account numbers, Social Security numbers, or dates of birth were compromised.

Flynn said the hackers first made contact by sending emails to Uber's security team, which investigated and found that someone working with the hacker had obtained access to archived copies of Uber databases and files located on its private cloud storage system on Amazon Web Services.

The hackers gained access to the system with a “credential contained within code on a private repository for Uber engineers on GitHub, which is a third party site that allows people to collaborate on code,” Flynn said. Flynn said Uber ceased using GitHub, except for open-source code, and locked down the entry point within 24 hours.

To his knowledge, the intruders started to access the data on Oct. 13, 2016 and didn't access it again after November 15, 2016.

— Tara Deschamps

News from © Canadian Press Enterprises Inc. 2018

Add comment


Security code
Refresh

Subscription Centre

 
New Subscription
 
Already a Subscriber
 
Customer Service
 
View Digital Magazine Renew

Latest Events

Security Canada Atlantic
September 12, 2018
ISCPP Symposium
September 20-21, 2018
Retail Secure 2018
September 20, 2018
Cannabis in Retail Forum
September 21, 2018

We are using cookies to give you the best experience on our website. By continuing to use the site, you agree to the use of cookies. To find out more, read our Privacy Policy.