Uber Data Hack Affected 2.7 Million Customers And Drivers, Company Reveals

Around 2.7 million UK Uber passengers and drivers were affected by a global data hack that was covered up for more than a year, the company confirmed on Wednesday. 

However, Uber said there was no evidence to suggest trip location history, bank account details or credit card numbers had also been downloaded in the breach.

“We do not believe any individual rider needs to take any action,” Uber said in a statement.

“We have seen no evidence of fraud or misuse tied to the incident. We are monitoring the affected accounts and have flagged them for additional fraud protection.”

The details come after it emerged last week that the data of 57 million people had been exposed in a 2016 breach performed by two hackers.

Bloomberg revealed that the company had concealed the issue for more than a year, paying the pair $100,000 (£75,500) to delete the data and stay quiet. 

News of the hack comes just months after Uber lost its London operating licence in September, with Transport for London declaring that the app was not “fit and proper” to hold one.

Writing on Twitter this afternoon, Mayor of London Sadiq Khan said: “Uber need to urgently confirm which of their customers are affected, what is being done to ensure these customers don’t suffer adversely, and what action is being taken to prevent this happening again in the future.” 

Uber CEO Dara Khosrowshahi said last week that the hacks should not have “happened, and I will not make excuses for it”.

“While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes,” he said.

“We are changing the way we do business, putting integrity at the core of every decision we make and working hard to earn the trust of our customers.”

The Information Commissioner’s Office (ICO) has previously expressed “huge concerns” about the hack.

In a statement today, deputy commissioner James Dipple-Johnstone said that the stolen information was “unlikely to pose a direct threat to citizens” on its own.

“However, its use may make other scams, such as bogus emails or calls appear more credible. People should continue to be vigilant and follow the advice from the NCSC,” he said.

“We would expect Uber to alert all those affected in the UK as soon as possible.”