• Here's What You Can Do if Affected by Uber's 2016 Data Breach

    It's what I did, anyway.

    I found out via email yesterday that I was one of the 815,000 Canadian Uber users (along with some 57 million Americans) whose personal data was compromised. Here's an excerpt from the email I received:

    In November 2016, Uber became aware that two individuals outside the company had accessed certain user data stored with a third-party service [...] The files that were accessed contained user information that we used to operate our services, and for nearly all users this included name, email address, and mobile phone number used on your account before 2016. Our outside forensics experts have seen no indication that trip location history, dates of birth, or payment information were accessed or downloaded.
    Personally I'd have preferred to have my credit card number leaked rather than my email address and phone number, for the simple reason that my bank has much stronger protections in place against fraud than either my email provider or wireless carrier. Maybe that's just me.

    What really stinks about this whole mess is that Uber didn't even want to notify affected Canadians at all. Mobile Syrup reports that the ride-sharing company was ultimately compelled to do so because of a February 28th ruling by the Alberta Privacy Commissioner. Uber plans to appeal that ruling, but there is a separate investigation being conducted by the Office of the Privacy Commissioner of Canada.

    I don't expect every Uber user reading this to have the luxury of being able to delete their account; as a driver or passenger you might depend on the service. Fortunately I don't, but more importantly I no longer trust this company with my personal data.

    Links: Mobile Syrup

    This article was originally published in forum thread: Here's What You Can Do if Affected by Uber's 2016 Data Breach started by acurrie View original post
    Comments 2 Comments
    1. Mr.Peppermint's Avatar
      Mr.Peppermint -
      Considering every online presence from banks to loyalty cards are easy enough to hack what is your solution?
      Delete everything?

      We know RFD & HoFo were breached and both also had your email address
    1. CGY Guy's Avatar
      CGY Guy -
      Use a throw-away email addie for online. Restrict sharing personal info, and don't get complacent.