Industry 4.0 – Africa's opportunity to get real about technology

Ignore the
4.0 hype

Africa needs to focus on
real opportunities.

Wednesday, Oct 17th

Uber data breach didn't affect Africa

Uber data breach didn't affect Africa

Taxi-hailing company Uber has told ITWeb Africa that a recently surfaced data breach, which the company experienced last year affecting 57 million customers and drivers, only affected the US.

The company would not comment or disclose details of measures it is currently taking to ensure the integrity of its systems and security of drivers or riders in Africa.

Bloomberg reported that Uber not only kept the security breach secret from the victims, but also paid the hackers US$100,000 to "delete the data [and] keep quiet."

Bloomberg quotes Uber as follows: "Compromised data from the October 2016 attack included names, email addresses and phone numbers of 50 million Uber riders around the world...The personal information of about 7 million drivers was accessed as well, including some 600,000 US driver's license numbers. No Social Security numbers, credit card information, trip location details or other data were taken."

"Apparently, Uber's security chief, Joe Sullivan, lured to Uber from Facebook in 2015, has been sacked in the fallout," notes IT security company Sophos in a blog.

Uber CEO, Dara Khosrowshahi published a blog post yesterday stating; "As Uber's CEO, it's my job to set our course for the future, which begins with building a company that every Uber employee, partner, and customer can be proud of. For that to happen, we have to be honest and transparent as we work to repair our past mistakes."

Khosrowshahi says the incident did not breach the company's corporate systems or infrastructure. "I recently learned that in late 2016 we became aware that two individuals outside the company had inappropriately accessed user data stored on a third-party cloud-based service that we use."

"Our outside forensics experts have not seen any indication that trip location history, credit card numbers, bank account numbers, Social Security numbers or dates of birth were downloaded. However, the individuals were able to download files containing a significant amount of other information."

Khosrowshahi adds that the company, at the time of the incident, took immediate steps to secure the data and shut down further unauthorised access by the individuals.

James Lyne, Sophos cybersecurity advisor is quoted as saying, "Not notifying consumers puts them at greater risk of being victimised with fraud. It's for precisely this reason that many countries are driving to regulations with mandatory breach disclosure."

"For Uber customers and drivers, Sophos advises that they monitor their credit scores and keep their eyes peeled for additional information on what was stolen."

ALSO ON ITWEB AFRICA

Telecommunications key to SSA's projected economic growth Published on 04 October 2018

Economist predict slower than expected growth, but research shows the promise of opportunity in telecoms.

Crypto-backed solar programme launches in Uganda Published on 09 October 2018

Wala, CP-EM partner to create utility-scale, grid-connected renewable power systems.

Fujikura launches two new cleavers Published on 17 October 2018

Fujikura discontinued the famous CT-30A cleaver after 2 decades as well as the CT-06 cleaver. Out with the old and in with the new CT50 Bluetooth enabled cleaver and CT08 single fibre cleaver.

MTN launches free data access to digital entertainment Published on 04 October 2018

Company has announced the availability of Entertainment Pass bundles on selected price plans.