I'd prefer them to pay to delete the info (even if it might've been more costly) and then inform their customers of the hack afterwards.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Hackers Stole Data From 57 Million Uber Drivers and Customers, Uber Paid $100K to Hide Attack
- Thread starter MacRumors
- Start date
- Sort by reaction score
I think they’re asking the question as to why Uber didn’t pay, then disclose the attack. Maybe the hacker’s terms involved keeping the situation undisclosed?
Not in any way surprising coming from Uber. This company is known for nothing but a complete lack of ethics.
Years ago, Uber had such a massive head start over Lyft I couldn’t imagine it would ever be toppled. Now I only bother firing up the Uber app if I’m outside of the US, and even then I feel reluctant. My how times change.
Ok, anyone who believes the hackers would have deleted the information after getting paid is flat out delusional.
Lyft is a lot better and cheaper than Uber anyway, but the issue isn't that they were hacked or even that they chose to pay the hackers money, the issue is that they didn't immediately let everyone know that they were hacked with recommended action their users could take to protect themselves.
Lyft is a lot better and cheaper than Uber anyway, but the issue isn't that they were hacked or even that they chose to pay the hackers money, the issue is that they didn't immediately let everyone know that they were hacked with recommended action their users could take to protect themselves.
Credit card numbers apparently.
http://www.channelnewsasia.com/news...re-charged-for-phantom-rides-overseas-9423624
I like Uber but for sure they have fishy business practices. Guess time to give Lyft a shot.
This is as bad as Yahoo not telling customers they were hacked for several years.
Uber should die a slow and painful business death. A company that acts like that should be sent packing on public transportation.
Uber should die a slow and painful business death. A company that acts like that should be sent packing on public transportation.
I am shocked - shocked - to find that Uber is doing something bad and then covering it up. Totally unprecedented!
[doublepost=1511306841][/doublepost]
[doublepost=1511306841][/doublepost]
They're thieves who stole something. Do you trust them to not keep a copy of the data? To not release it in the future? To not ask for yet more money in the future?
I'm not a big fan of government regulation but I think we have reached the point where Congress needs to pass a piece Sarbanes-Oxley type legislation putting some teeth into data breach disclosure laws. Today CEOs must sign off on financial statements and they can get prison time for signing false / misleading financial disclosures. It is time for them and their CIOs to start signing off on data breach disclosures as well. Fail to notify the public of a data breach in a very timely manner and you get to spend the next 5-10 years reflecting on your poor decision making.
I say this as someone who has been directly impacted by identity theft. Last year I was promptly notified by my accountant when he discovered his business had been hacked and all his client's tax information had been stolen. This past January, the identity thief filed a fraudulent tax return in my name but thankfully the IRS (having been notified by my accountant) put a hold on "my" tax return and sent me a letter telling me I had to appear in person in their office with a government issued photo ID and 3 other documents to prove my identity. When I filed my real tax return, my refund was held up for several months because of the fake return that had been previously filed. Companies that choose to hide or delay disclosures about data breaches need to face more severe consequences than just bad press when the truth eventually comes out.
I say this as someone who has been directly impacted by identity theft. Last year I was promptly notified by my accountant when he discovered his business had been hacked and all his client's tax information had been stolen. This past January, the identity thief filed a fraudulent tax return in my name but thankfully the IRS (having been notified by my accountant) put a hold on "my" tax return and sent me a letter telling me I had to appear in person in their office with a government issued photo ID and 3 other documents to prove my identity. When I filed my real tax return, my refund was held up for several months because of the fake return that had been previously filed. Companies that choose to hide or delay disclosures about data breaches need to face more severe consequences than just bad press when the truth eventually comes out.
Yes, I believe so. I saw an early reference to it in the recent DJI hack document.
In what way do they lack ethics? Uber is a great company that offers great services.
[doublepost=1511308941][/doublepost]
Uber is significantly better than Lyft in my area. Always a good Uber experience, less than average experiences with Lyft. Just my input.
What makes you think the same won’t happen to the new kid.
Many other companies have caused the consumer far more damaging compromises.
They got ubered. Who’s going to trust the driving companies now, huh?
