^

Headlines

Uber confirms personal data of Filipino users exposed in breach

Philstar.com
Uber confirms personal data of Filipino users exposed in breach

A sign marks a pick-up point for the Uber car service at LaGuardia Airport in New York. Uber is coming clean about its cover-up of a year-old hacking attack that stole personal information about more than 57 million of the beleaguered ride-hailing service’s customers and drivers. The revelation Tuesday marks the latest stain on Uber’s reputation. AP Photo/Seth Wenig, File

MANILA, Philippines — Ride-hailing firm Uber Philippines (Uber Systems, Inc.) has confirmed that personal information of Filipinos users were included in the reported data breach involving over 50 million users and drivers worldwide, the National Privacy Commission said Tuesday.

Uber made the confirmation in a letter to the NPC on Monday.

However, Uber failed to provide the commission more information about the data breach, including the actual number of Filipinos affected and the “scope of their exposure.”

“Under the principle of accountability, we require personal information controllers within our jurisdiction to provide detailed information on the nature of the incident, the scope of the exposure, and the remedial measures taken,” the NPC said in a press statement.

Despite its failure to disclose more detailed information about the compromised Filipino data, Uber, according to the NPC, nonetheless declared the following:

  • Two individuals outside Uber inappropriately accessed user data stored on a third-party cloud-based service that Uber uses.
  • The two Uber employees who led the response to the data breach are no longer with Uber.
  • The compromised data includes the names and driver’s license of around 600,000 drivers in the United States and some personal information of 57 million Uber users around the world. The information included names, email addresses and mobile phone numbers.
  • The incident did not breach Uber’s corporate systems; there is no indication that trip location history, credit card numbers, bank account numbers, or dates of birth were downloaded.
  • Filipino data subjects are affected, but there is no indication that any Filipino driver’s licenses were downloaded.
  • Uber has implemented security measures to restrict access to and strengthen controls on their cloud-based storage accounts.

Serious consequences

Uber Chief Executive Officer Dara Khosrowshahi last week confirmed to Bloomberg US that a massive data breach happened last year and that it was concealed by its former chief security officer and one of his deputies.

 “While we have not seen evidence of fraud or misuse tied to the incident, we are monitoring the affected accounts and have flagged them for additional fraud protection,” Khosrowshahi was quoted as saying.

“None of this should have happened, and I will not make excuses for it,” he added.

READ: Uber reveals cover-up of hack affecting 57M riders, drivers

In the same press statement on Tuesday, the NPC reminded Uber that concealment of a data breach “bears serious consequences” under the Data Privacy Act of 2012.

This was despite the company’s repeated assurance that there had been no evidence of fraud or misuse tied to the incident, the NPC noted.

“If so qualified, those responsible for the concealment of the breach and for the exfiltration of the data may face serious civil and criminal liability,” the privacy commission said.

“The investigation continues. We are also cooperating with the data privacy authorities of Australia and the United States on this matter,” it added.

“We appreciate the continued participation and cooperation of Uber in this investigation. On their own initiative, Uber has placed an information page available within the Accounts and Payment Options menu within the Help section of the Uber app. Filipino data subjects may avail of this feature.”

READ: NPC taps US trade body on Uber data breach

Philstar
  • Latest
  • Trending
Latest
Latest
abtest
Are you sure you want to log out?
X
Login

Philstar.com is one of the most vibrant, opinionated, discerning communities of readers on cyberspace. With your meaningful insights, help shape the stories that can shape the country. Sign up now!

Get Updated:

Signup for the News Round now

FORGOT PASSWORD?
SIGN IN
or sign in with