Uber Data Breach Puts More Than Just Credit Cards at Risk

November 29, 2017, Written By Natalie Rutledge

Uber recently disclosed a data breach that affected 57 million driver and rider accounts. The company kept the breach a secret for over a year after paying the hackers $100,000 to delete the information.

Currently, we know that hackers took names, phone numbers, and email addresses during the breach, but they may have also obtained the credit and debit card numbers used to pay for rides. The National Limousine Association submitted a request today to have Uber stop all operations until investigators know the full extent of the investigation.

Is that an over-reaction, or is there merit to the NLA’s concerns? Scott Solombrino, Co-Founder of the NLA, made an excellent point: “Uber knows where you live, work, and eat—all in addition to having your credit cards on file… hackers may have accessed your trip data, learning your habits and selling this information to the highest bidder for reprehensible purposes.”

In other words, Uber doesn’t just store payment information—it provides direct insight into your travel patterns, work/home address, frequent hangout spots, and more. This is more than your standard retail credit card hack, where you can simply cancel your card and get a new one. Uber’s breach may have exposed behavioral patterns with unpredictable consequences.

Uber also stores license numbers and credit card information for drivers. This opens the door for a slightly higher level of identity theft than typical payment card data breaches.

However, we must examine this from both sides. The request to halt operations came from the National Limousine Association, a group which undoubtedly has taken a financial bath during the growth of Lyft and Uber. Traditional cab and limo companies are slowly becoming obsolete because of the speed and convenience of ride sharing. It is possible the NLA is using this as an opportunity to regain some of its customers.

Uber has not been ordered to shut down operations at this time, but the company and the data breach are currently under heavy investigation.



The information contained within this article was accurate as of November 29, 2017. For up-to-date
information on any of the terms, cards or offers mentioned above, visit the issuer's website.


About Natalie Rutledge

Natalie Rutledge majored in Communications at Mississippi State University. She was in sales for a number of businesses and spent nine years working as a communications advisor to various entities. Natalie can be contacted directly at [email protected]
View all posts by Natalie Rutledge