Uber Is Having a Really, Really Bad Day

Uber is already struggling to maintain a positive consumer image after a series of PR disasters over the last year.

Wait, what happened?
Yesterday was a tough day for Uber. Everyone’s favorite ride-hailing service was outed for attempting to hide the details of a massive hacking incident that occurred in 2016. This left the personal data of drivers and users exposed, including the names and drivers license numbers of nearly 600,000 Uber drivers in the US, along with the sensitive information of over 57 million Uber users globally.

But wait, there’s more!
So the company had an inept security system, what’s the big deal? Surely we’ve seen this story play out before? Whereas usually, a company would have a few bad days and a PR nightmare before journalists and bloggers slowly move on to the next story, this one is going to sting for a bit. Along with the data breach, the firms CTO was also shown to have paid off the two hackers who had accessed the data to the tune of $100,000 in order to keep the situation quiet. Ouch. We hope Uber’s PR team is ready to deal with the media.

Dig Deeper: BadRabbit is Crippling Networks, 10Fold Clients Have Answers

The Experts Weigh In
In the midst of this catastrophe there are experts cutting through the noise, and giving organizations the information they need in order for their company to not be the next big security breach story. Several 10Fold clients talked to Fox News about the event and how security failures like these are affecting the tech industry and beyond, as well as how firms can avoid or protect themselves from attacks in the future.

Stephan Chenette, CEO of enterprise security firm AttackIQ, gave Fox News a statement alongside several other 10Fold clients, saying that; “What makes this breach particularly damning is the failure of Uber to ethically disclose the breach to its customers.”

Manoj Asnani, vice president of product and design at network security firm Balbix, told Fox News that password security is an ongoing challenge for businesses. “Stolen passwords are one of the most common ways adversaries propagate through the enterprise to steal critical data.”

Zohar Alon, co-founder and CEO of cloud security specialist Dome9, added his comments as well, claiming; “This is yet another case of user error trumping the best security measures readily available today. For an organization as large as Uber, this is inexplicable. This is something that Uber, and any organization that is developing code, can and should implement whenever a software engineer checks in code to GitHub,” he added. “Relying on a developer or administrator to follow best practices is foolhardy at scale and the errors seem to be more egregious each and every time a breach makes the headlines.”

Looking for more great insights? Check out some of our other content here.