Ride-sharing apps are one of the most successful innovations of the modern digital age. Practically everyone who has a smart phone uses them. When it was discovered today that Uber, the leader in the ride-sharing space, was hit with a massive data breach back in 2016, all of our ears perked up. Let’s look at what happened, and what consumers need to know.
So far, the precise details on the hack are still unclear—however, according to Bloomberg, (who broke the story earlier today) two cybercriminals were able to access a private area of Github, an online resource for developers. From there, they seem to have found Uber’s log-in credentials to Amazon Web Services (Amazon’s cloud computing service). Then, these hackers were able to steal 57 million names, email addresses, and mobile phone numbers. Uber said within that number, 600,000 drivers had their names and license details exposed. A resource page for those affected has been set up and drivers have been offered free credit monitoring protection. But as of now, affected customers will not be given the same resources.
This cyberattack is a testament to the growing trend to target companies whose rapid growth is stifled by their ability to safeguard sensitive data. So now the question is, what do the impacted customers and drivers do next?
- Change your password. Stealing millions of emails could mean multiple things. Cyber criminals could use those stolen emails to try and guess your Uber login, or gain access to other accounts. So, do your due diligence and change up your password to all accounts attached to that email you use to login with Uber.
- Stay vigilant. Another way cybercriminals can leverage stolen emails is by using the list for phishing email distribution. If you see something sketchy or from an unknown source in your email inbox, be sure to avoid clicking on any links provided. Better to just delete the email.
- Monitor your credit card statement. If cybercriminals are able to leverage the data to gain access to accounts, there’s potential they gain access to financial data, too. And as we know, it’s better to be safe than sorry. Be sure to consistently scan your credit card statement for any suspicious or irregular activity. If you see anything odd, flag to your bank immediately.
- Lock down your mobile device. If for some reason the Uber app is impacted by this attack, or in the future, it’s best you ensure the data stored on your mobile device is secure. To do just that, use a mobile security solution such as McAfee Mobile Security.
"author": "Gary Davis",
"category": "Consumer Threat Notices",
"authordetail": "Gary Davis is Chief Consumer Security Evangelist. Through a consumer lens, he partners with internal teams to drive strategic alignment of products with the needs of the security space. Gary also provides security education to businesses and consumers by distilling complex security topics into actionable advice. Follow Gary Davis on Twitter at @garyjdavis",
"pubDate": "Tue, 21 Nov 2017 12:35:48 +0000"
About the Author
Categories: Trusted Advisor