Article Lead Image

50,000 Uber drivers compromised in newly reported cyberattack

The breach originated in May 2014.

 

Dell Cameron

Tech

Posted on Feb 27, 2015   Updated on May 29, 2021, 10:27 am CDT

Thousands of Uber drivers may have had personal information compromised during a 2014 cyberattack.

In a statement on Friday, the company said a vulnerability in a database containing the names and driver’s license numbers of Uber drivers allowed an unauthorized third party to obtain access. Uber said it realized the database may have been hacked into last September.

“Immediately upon discovery we changed the access protocols for the database, removing the possibility of unauthorized access,” said Katherine Tassi, Uber’s managing counsel of data privacy.

An internal investigation revealed that as many as 50,000 drivers across multiple states may have been affected, “which is a small percentage of current and former Uber driver partners,” the company said. It’s believed that the breach which precipitated the data theft occurred on May 13, 2014.

“We are notifying impacted drivers, but we have not received any reports of actual misuse of information as a result of this incident,” Tassi added.

According to the Breach Level Index published by digital security company Gemalto, over a billion personal data records were compromised by hackers last year. Identity theft was the primary motivation behind more than half of the breaches examined.

Uber said it will provide impacted drivers with a free one-year membership to an identity theft alert service. Additionally, the company said it filed a lawsuit to gather additional information that may confirm the identity of its attacker. 

Photo via Uber

Share this article
*First Published: Feb 27, 2015, 8:34 pm CST