Uber comes clean about massive data hack

Uber acknowledged on Tuesday it covered up a year-old hacking attack that compromised the personal information of more than 57 million riders and drivers. So far there is no evidence that the data was misused, according to ride-hailing service’s CEO, Dara Khosrowshahi, in a posting on Uber’s website. The hackers took the names, email addresses, and mobile phone numbers of riders and drivers from around the world, and the driver’s license numbers of at least 600,000 U.S. drivers. Uber said it paid the hackers $100,000 to destroy the stolen information. The October 2016 attack happened while now-ousted CEO Travis Kalanick was at the helm of the company. Khosrowshahi criticized Uber’s handling of the attack in his post and said the company was committed to “changing the way we do business, putting integrity at the core of every decision we make.” New York Attorney General Eric Schneiderman’s office on Wednesday confirmed it had opened an investigation. Britain’s Deputy Information Commissioner James Dipple-Johnstone said on Wednesday that Uber faces “higher fines” for concealing the hack from the public. Dipple-Johnstone’s office and the National Cyber Security Center are investigating the severity of the problem for British Uber users.