Skip to main content

Inside the hack Uber didn’t want 57 million users to know about

The man responsible for the Uber hack is reportedly a 20-year-old Floridian

Uber app on a smartphone.
junce/123RF
Another day, another massive data breach. This time around, Uber was the target, but unlike other hacks, it took the company more than a year to disclose the hack to its customers.

More information is now coming to light about the attack, and Reuters reports that the culprit was a 20-year-old Florida man. As previously reported, this individual was then paid to destroying the evidence of the attack by way of a bug bounty program. While bug bounties are generally paid to folks who discover small vulnerabilities in a company’s code, this was clearly something much larger and more insidious.

Recommended Videos

A HackerOne executive noted that the alleged $100,000 payment could be an “all-time record.” Other security experts noted that paying a hacker who had committed a crime by stealing data would be highly unusual, particularly for a bug bounty program where computer scientists are typically paid somewhere between $5,000 and $10,000.

Please enable Javascript to view this content

According to a blog post from Uber, hackers managed to steal the personal data of a whopping 57 million Uber users in a data breach. Among those compromised, according to a Bloomberg report, were 7 million drivers, of which around 600,000 had their drivers license numbers stolen. Uber says that the information did not include things like Social Security numbers or credit cards.

Uber didn’t keep the hack under wraps because it didn’t know about it, however. The Bloomberg report notes that former Uber CEO and co-founder Travis Kalanick was alerted to the breach in November 2016, only a month after the hack took place. An additional report from The Wall Street Journal further revealed that Uber’s new CEO Dara Khosrowshahi was alerted to the breach in early September, two weeks after he officially stepped in as the head of the company. Once he learned of the hack, he is said to have “immediately ordered an investigation, which he wanted to complete before making the matter public.”

At the time of the hack, Uber was already negotiating with investigators for separate privacy violation claims — and it still failed to report the hack.

“None of this should have happened, and I will not make excuses for it. While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes,” said Khosrowshahi, who took over in September, in the blog post. “We are changing the way we do business.”

Despite concealing the hack for a year, it does seem as though Uber is telling the truth in saying that it’s “changing the way it does business.” Bloomberg reports that the company ousted Joe Sullivan, its chief security officer, and one of Sullivan’s deputies for their roles in covering up the data breach, which is at least a first step in changing its ways. The Uber blog mentioned that “two of the individuals that led the response to this incident are no longer with the company.”

This is not the first massive data breach of the year. Earlier in 2017, credit reporting agency Equifax was breached, potentially putting at risk the information of a whopping 143 million U.S. residents. The hack itself took place sometime between May and July, but was disclosed in September.

Update: The Uber hacker is reportedly a 20-year-old Florida man. 

Lulu Chang
Former Digital Trends Contributor
Fascinated by the effects of technology on human interaction, Lulu believes that if her parents can use your new app…
7 crucial iOS 16 features that Apple didn’t tell you about
iOS 16 on stage at WWDC 2022.

The upcoming iOS 16 has turned out to be one of the biggest feature updates in the history of Apple's mobile operating system, both in terms of the sheer number of features and the magnitude of the changes. From massively revamping the lock screen experience to some extremely useful feature additions for Messages and a buy now, pay later option for Apple Pay, the company has delivered a packed upgrade.

However, iOS 16 also comes with a ton of smaller, but still notable improvements that didn't get a mention during the WWDC 2022 presentation. Here are seven of those iOS 16 features that you might have missed, but that are definitely worth your attention.
Face ID goes landscape
To this point, Apple's venerable Face ID system for biometric authentication has remained functional only when the phone is held in portrait mode. Thankfully, iOS 16 finally puts an end to that limitation. You will be able to quickly authenticate a payment, unlock your phone, and autofill passwords, among other sensitive tasks that require the True Depth camera system to do its magic at any angle.

Read more
5 technologies you didn’t know came from Ukraine
Computer circuit board.

All the world has its eyes on Ukraine right now as Russia continues its invasion of the country. We're discovering plenty of admirable qualities of the oft-overlooked nation. While its snarky grandmothers have become legendary, what may not be making it into the spotlight is Ukraine's long history of innovation. Despite decades of Soviet oppression, Ukrainian-born scientists, inventors, and engineers have made huge contributions to the products many of use and love today. As the country continues to be under threat, it's worth stopping to appreciate some of the little-known advances its people have gifted the world.
High-capacity hard drives

Lubomyr Romankiw grew up in Zhovkva, a western Ukrainian city just north of Lviv. He fled to Canada at the beginning of Soviet rule and earned his degree in Alberta, followed by a masters and Ph.D. from the Massachusetts Institute of Technology. From there, he went to work at IBM and secured more than 65 patents, many of which helped set the foundation for modern computing.

Read more
LG’s fully wireless StanbyMe is the touchscreen TV you didn’t know you wanted
LG StanbyMe TV.

CES 2022 might be right around the corner, but LG figured it would drop a little teaser in our laps as a taste of what's to come in January. The company released a few details about two of its latest lifestyle-oriented TV designs: An OLED TV with a motorized fabric cover and a battery-powered 27-inch screen that can roll around your home, going pretty much anywhere you need it to be. Here's what we know so far.
LG StanbyMe

LG's quirky new StanbyMe TV looks like someone took an iMac G4 screen and mounted it to a rolling coat rack. And given its capabilities, that description isn't far from the truth. In fact, the StanbyMe is a fully portable smart TV with a built-in rechargeable battery and fully adjustable rolling stand. It has a custom interface that you can control with a remote or just by touching it. And it functions as a wireless external monitor for smartphones and laptops via screen mirroring.

Read more