Uber paid hackers ransom to hush up security breach

Uber has come under fire in the UK after admitting that it hushed up a security breach that exposed the details of 57 million customers and drivers.

The taxi app didn’t report the breach and paid a $100,000 ransom to the hackers to delete the data, which included the names, email addresses and phone numbers, but not credit card numbers or trip details.

The breach, which happened last year, only came to light when new CEO Dara Khosrowshahi came clean.

As a result of the cover up, chief security officer Joe Sullivan and another executive have been ousted, Bloomberg reports.

The UK’s deputy information commission James Dipple-Johnson has described Uber’s actions as ‘unacceptable’.

The company has now launched a resource page for those who might have been affected.

"It’s always the company’s responsibility to identify when UK citizens have been affected as part of a data breach and take steps to reduce any harm to consumers," said Dipple-Johnson.

"Deliberately concealing breaches from regulators and citizens could attract higher fines for companies.

"If UK citizens were affected, then we should have been notified so that we could assess and verify the impact on people whose data was exposed."

The Information Commissioner’s Officer and National Cyber Security Centre will work together to determine the scale of the breach and how it affected people in the UK, as well considering the next steps that Uber needs to take to comply with its data protection obligations.