Uber reveals it paid off hackers who stole information of 57 million users

Uber paid off hackers who stole millions of users’ information under old its previous ownership, the new CEO has revealed.

The incident happened in late 2016, when personal information of 57 million users of the ride-hailing app was accessed by external hackers, as well as the names and driving licence numbers of around 600,000 US-based drivers.

Dara Khosrowshahi, who was named CEO of Uber in August 2017, admitted the incident and claimed he was not personally aware of it until recently.

In a blog post on Uber’s website, Khosrowshahi said: “As Uber’s CEO, it’s my job to set our course for the future, which begins with building a company that every Uber employee, partner and customer can be proud of. For that to happen, we have to be honest and transparent as we work to repair our past mistakes.

I recently learned that in late 2016 we became aware that two individuals outside the company had inappropriately accessed user data stored on a third-party cloud-based service that we use. The incident did not breach our corporate systems or infrastructure.”

He said that although no bank details, card numbers, trip locations or dates of birth were accessed in the breach, email addresses and mobile phone numbers of were.

The two unnamed employees who paid the hackers around $100,000 (circa £75,230) to delete the information have been fired from the company.

Khosrowshahi was keen to stress Uber would be ensuring the company would not allow something like this to happen again.

He said: “None of this should have happened, and I will not make excuses for it. While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes.

“We are changing the way we do business, putting integrity at the core of every decision we make and working hard to earn the trust of our customers.”