Uber Exec Admits it was “Wrong” Not to Reveal Breach Sooner

Uber Exec Admits it was “Wrong” Not to Reveal Breach Sooner

February 7, 2018         Written By Natalie Rutledge

During testimony before a Senate Subcommittee on Consumer Protection yesterday, Uber’s Chief Information Security Officer said there was “no justification” for failing to report the 2016 data breach, which resulted in the information of 57 million drivers and customers being exposed. Of those, 29.1 million are U.S. citizens.

In a written statement, John Flynn said, “it was wrong not to disclose the breach earlier.”

Customer names, email addresses and phone numbers were obtained in the breach. But no credit card information, Social Security numbers, or travel information was leaked.

The hacker who obtained the data was paid $100,000 by Uber in 2016, but the incident was not reported until November 2017. Uber made the payment through its bug bounty program, which Flynn now says was “inappropriate.”

“We recognize that the bug bounty program is not an appropriate vehicle for dealing with intruders who seek to extort funds from the company,” he said. “The approach that these intruders took was separate and distinct from those of the researchers in the security community for whom bug bounty programs are designed.”

The men responsible for the leak resided in Florida and Canada, according to Reuters.

During the hearing, legislators called the company’s actions “morally wrong and legally reprehensible.”

“The fact that the company took approximately a year to notify impacted users raises red flags within this committee as to what systemic issues prevented such time-sensitive information from being made available to those left vulnerable,” added Republican and Senate panel chairman senator Jerry Moran.

Flynn testified before the Subcommittee on the same day that Uber founder, Travis Kalanick, appeared in court for a trade secrets trial known as Waymo v. Uber. 

The information contained within this article was accurate as of February 7, 2018. For up-to-date
information on any of the terms, cards or offers mentioned above, visit the issuer's website.


About Natalie Rutledge

Natalie Rutledge majored in Communications at Mississippi State University. She was in sales for a number of businesses and spent nine years working as a communications advisor to various entities. Natalie can be contacted directly at natalie@lowcards.com
View all posts by Natalie Rutledge
Featured Low Interest Card
Top Features : 1.25X miles on every purchase; no annual fee; bonus of 20,000 miles once $1,000 is spent in first 3 months
Featured No Annual Fee Card
Top Features : Earn cash back twice. 1% when you buy plus 1% as you pay; 0% APR for 18 months on balance transfers
Featured Bad Credit Card
Top Features : No Annual Fee; Cash Back match at the end of your first year; Social Security Alerts
Featured Fair Credit Card
Top Features : No annual fee; access to higher credit line after making first 5 monthly payments on time
Featured Limited/No Credit
Top Features : No annual fee; reports to major credit bureaus; access to higher credit line after making first 5 monthly payments on time
Featured Cash Back Card
Top Features : No Annual Fee, Bonus Offer, Cash Back