Zim – drop in No of telco workers.

Why are telco
workers reluctant?

Zim regulator shows a
10% decline in numbers.

Friday, Mar 23rd

Uber data breach didn't affect Africa

Uber data breach didn't affect Africa

Taxi-hailing company Uber has told ITWeb Africa that a recently surfaced data breach, which the company experienced last year affecting 57 million customers and drivers, only affected the US.

The company would not comment or disclose details of measures it is currently taking to ensure the integrity of its systems and security of drivers or riders in Africa.

Bloomberg reported that Uber not only kept the security breach secret from the victims, but also paid the hackers US$100,000 to "delete the data [and] keep quiet."

Bloomberg quotes Uber as follows: "Compromised data from the October 2016 attack included names, email addresses and phone numbers of 50 million Uber riders around the world...The personal information of about 7 million drivers was accessed as well, including some 600,000 US driver's license numbers. No Social Security numbers, credit card information, trip location details or other data were taken."

"Apparently, Uber's security chief, Joe Sullivan, lured to Uber from Facebook in 2015, has been sacked in the fallout," notes IT security company Sophos in a blog.

Uber CEO, Dara Khosrowshahi published a blog post yesterday stating; "As Uber's CEO, it's my job to set our course for the future, which begins with building a company that every Uber employee, partner, and customer can be proud of. For that to happen, we have to be honest and transparent as we work to repair our past mistakes."

Khosrowshahi says the incident did not breach the company's corporate systems or infrastructure. "I recently learned that in late 2016 we became aware that two individuals outside the company had inappropriately accessed user data stored on a third-party cloud-based service that we use."

"Our outside forensics experts have not seen any indication that trip location history, credit card numbers, bank account numbers, Social Security numbers or dates of birth were downloaded. However, the individuals were able to download files containing a significant amount of other information."

Khosrowshahi adds that the company, at the time of the incident, took immediate steps to secure the data and shut down further unauthorised access by the individuals.

James Lyne, Sophos cybersecurity advisor is quoted as saying, "Not notifying consumers puts them at greater risk of being victimised with fraud. It's for precisely this reason that many countries are driving to regulations with mandatory breach disclosure."

"For Uber customers and drivers, Sophos advises that they monitor their credit scores and keep their eyes peeled for additional information on what was stolen."


How to prepare your African business' payroll for GDPR Published on 13 March 2018

By asking the right questions and preparing your organisation, GDPR doesn't have to be a headache says Warren van Wyk, Director, PaySpace.

Latest State-of-the-art Web Protection Technology Now Available in Africa Published on 19 March 2018

Ericom Announces Availability of its Ransomware and Malware-Fighting Remote Browser Isolation Solution

2018 - FinTech will be given a distinctly African twist Published on 12 March 2018

Technology will continue to drive the ways we make payments - but we must take African economic realities into account says David Noel Lardin, Vice-President Digital Payment for the CISMEA region at Gemalto.