The Uber Data Breach: What Consumers Need to Know

By on Nov 21, 2017

Ride-sharing apps are one of the most successful innovations of the modern digital age. Practically everyone who has a smart phone uses them. When it was discovered today that Uber, the leader in the ride-sharing space, was hit with a massive data breach back in 2016, all of our ears perked up. Let’s look at what happened, and what consumers need to know.

So far, the precise details on the hack are still unclear—however, according to Bloomberg, (who broke the story earlier today) two cybercriminals were able to access a private area of Github, an online resource for developers. From there, they seem to have found Uber’s log-in credentials to Amazon Web Services (Amazon’s cloud computing service). Then, these hackers were able to steal 57 million names, email addresses, and mobile phone numbers. Uber said within that number, 600,000 drivers had their names and license details exposed. A resource page for those affected has been set up and drivers have been offered free credit monitoring protection. But as of now, affected customers will not be given the same resources.

This cyberattack is a testament to the growing trend to target companies whose rapid growth is stifled by their ability to safeguard sensitive data. So now the question is, what do the impacted customers and drivers do next?

  • Change your password. Stealing millions of emails could mean multiple things. Cyber criminals could use those stolen emails to try and guess your Uber login, or gain access to other accounts. So, do your due diligence and change up your password to all accounts attached to that email you use to login with Uber.
  • Stay vigilant. Another way cybercriminals can leverage stolen emails is by using the list for phishing email distribution. If you see something sketchy or from an unknown source in your email inbox, be sure to avoid clicking on any links provided. Better to just delete the email.
  • Monitor your credit card statement. If cybercriminals are able to leverage the data to gain access to accounts, there’s potential they gain access to financial data, too. And as we know, it’s better to be safe than sorry. Be sure to consistently scan your credit card statement for any suspicious or irregular activity. If you see anything odd, flag to your bank immediately.
  • Lock down your mobile device. If for some reason the Uber app is impacted by this attack, or in the future, it’s best you ensure the data stored on your mobile device is secure. To do just that, use a mobile security solution such as McAfee Mobile Security.

And, of course, stay on top of the latest consumer and mobile security threats by following me and @McAfee_Home on Twitter, and ‘Like’ us on Facebook.

About the Author


McAfee is the device-to-cloud cybersecurity company. Inspired by the power of working together, McAfee creates business and consumer solutions that make our world a safer place. Take a look at our latest blogs.

Read more posts from McAfee

Categories: Consumer

  1. the hackers that got me ! they called my home phone and told me to go open my pc and told me they worked for Microsoft and that I had a Trojan in my pc and to go to my browser and clear top address bar and type in 123/logme in and so I left them in my pc thinking they were going to get rid of the Trojan instead but come to find out he told me on the phone now if you want to get back in your computer you have to pay $400.00 dollars..well I hung up on him and called my HP Tech support and told them what happened and they did a format on my computer and I still have their phone number after I hung up he called me back and left a nasty voice mail threatening mylife…

Subscribe to McAfee Securing Tomorrow Blogs