Uber, the ride-sharing service, is revealing information about the company's cover-up of a hack in which personal information from more than 57 million customers and drivers was stolen.
Nothing harmful has been done with the information partly because Uber paid $100,000 to the hackers to destroy the hacked information, CBS News confirmed.
"The truly scary thing here is that Uber paid a bribe, essentially a ransom to make this breach go away, and they acted as if they were above the law," said Sam Curry, Cybereason chief security officer, CBS News reported. "Those people responsible for the integrity and confidentiality of the data, in fact, covered it up," Curry added.
Uber customers are likely to demand "action and protection," according to Ken Spinner, cybersecurity firm Veronis' vice president of field engineering.
"Every state attorney general is going to be salivating at the prospect of suing Uber," Spinner said.
The attack stole names, email addresses, and phone numbers of 57 million Uber riders around the world, and took 600,000 driver's license numbers in the U.S., CBS News reported.
Because the company did not reveal the year-ago hack promptly, any fine against Uber will be larger than usual, according to James Dipple-Johnstone, Britain's deputy information commissioner. "If UK citizens were affected, then we should have been notified so that we could access and verify the impact on people whose data was exposed," the commissioner said.
The company also tracked down the hackers and pushed for them to sign nondisclosure agreements, people familiar with the matter said, The New York Times reported.
© 2025 Newsmax. All rights reserved.