Uber, the company behind the popular mobile-app-based transportation network, has recently reported that a breach in its databases might have leaked the information of up to 50,000 of its current and former drivers. According to Uber, the breach was carried out by an “unauthorized third party” in a hacking attempt last May.
Since its launch, Uber has become a widely used transportation service for commuters and travelers alike; the app allows consumers to submit trip requests, which are then routed to crowd-sourced taxi drivers. Due to its initial success, the service has become available in over 50 countries and 200 cities around the world, as of December 2014.
Upon discovery of the breach, Uber has taken the necessary steps to plug the leak, which could’ve leaked driver partner names and driver’s license numbers. The company has now reached out to the drivers whose information could have been exposed, offering them a free one-year membership to Experian’s ProtectMyID Alert identity theft protection service as compensation.
“We are notifying impacted drivers, but we have not received any reports of actual misuse of information as a result of this incident,” states Katherine Tassi, Uber’s Managing Counsel of Data Privacy. “Uber takes seriously our responsibility to safeguard personal information, and we are sorry for any inconvenience this incident may cause. In addition, today we filed a lawsuit that will enable us to gather information to help identify and prosecute this unauthorized third party.”
According to the company, the breach only involves a small percentage of drivers, although registered drivers under the service should check their bank statements for any signs of suspicious activity. In the meantime, Uber has filed a ‘John Doe’ lawsuit in order to gather information that may lead to the identification of the third party responsible for the leak of private data, as stated in a blog post published yesterday, February 27, 2015.
Uber also states that the hack is a one-time occurrence. Since the event, the company has changed its access protocols to prevent similar breaches in the future.
“Uber takes seriously our responsibility to safeguard personal information, and we are sorry for any inconvenience this incident may cause.”