PORTLAND, Ore. (KOIN) — Uber revealed Tuesday that it covered up a data breach that affected more than 57 million people after a pair of hackers attacked the company late last year.
The hackers stole names, phone numbers, email address and license plate numbers from millions of riders and drivers.
Instead of notifying users, Uber agreed to pay the hackers $100,000 to delete the data and not tell anyone about the breach.
“There are beach notification laws in virtually every state in the United States and if you do have a breach you are required to notify the affected parties,” Andrew Plato with Anitian cyber security firm.
This isn’t the first problem Uber has encountered. The company is facing several criminal investigations by the government, dozens of lawsuits and PR damage.
After this latest controversy, the company’s top security chief Joe Sullivan was fired for the cover up.
“When our information is out there we need to understand what information has been taken,” Kerri Fry with Red Hawk Network Security said.
The latest hack comes days after Governor Kate Brown and legislators in Salem teamed up with private firms to launch the Oregon Cyber Initiative.
“The hackers, they’re working together,” Fry said. “It’s a business out there for them but it’s a business for us too we have to break down our walls and work together as a community.”
The Oregon Cyber Initiative is the first of its kind and aims to protect and education companies and everyday Oregonians about the increasing threat of hackers.
“They are so well armed and so well organized at this point that it rivals the organization and capabilities of most large companies,” Fry said.