Skip to main content

Advertisement

Advertisement

Uber Singapore working with the authorities after data breach revealed

SAN FRANCISCO/SINGAPORE — Uber Singapore is in the process of notifying various regulatory and government authorities, after it was revealed on Tuesday (Nov 21) by chief executive Dara Khosrowshahi that hackers compromised personal data from some 57 million riders and drivers in a breach kept hidden for a year.

Reuters file photo

Reuters file photo

Follow TODAY on WhatsApp

SAN FRANCISCO/SINGAPORE — Uber Singapore is in the process of notifying various regulatory and government authorities, after it was revealed on Tuesday (Nov 21) by chief executive Dara Khosrowshahi that hackers compromised personal data from some 57 million riders and drivers in a breach kept hidden for a year.

“We are in the process of notifying various regulatory and government authorities and we expect to have ongoing discussions with them,” an Uber Singapore spokesperson told TODAY on Wednesday, in response to a query on whether Singaporean riders or drivers were affected by the data breach. The spokesperson added that they are not “in a position to get into any more details” until the process is completed.

When contacted, both the Land Transport Authority and the Personal Data Protection Commission said they were aware of the breach, and have contacted Uber for more details.

Mr Mohamad Randy, executive secretary of the National Private Hire Vehicles Association (NPHVA), said the group “urges Uber Singapore to confirm whether or not the personal data of the drivers has been breached”.

He added: “In the event that the data has been breached, Uber drivers should be informed about the extent of the breach and Uber should provide the necessary support to them to address any concerns that they may have. NPHVA advises all private hire drivers with Uber to be vigilant and report suspicious misuse of data to the authorities.”

Uber drivers and users whom TODAY spoke with were not too perturbed, but some called for the company to impose more stringent security measures.

A part-time driver in his 30s, who declined to be named, felt that Uber may had been facing “teething” issues, and could need time to sort things out. Still, another driver, who gave her name as Elliot, said she was shocked to hear the news.

Mr Mervyn Tan, 52, who uses Uber at least once a day for the past 1.5 years, also said he was not too worried, since it did not seem like the stolen information included credit card details.

Uber has told Channel NewsAsia that it has “no reason to believe” that the massive data breach was linked to the “phantom” rides being reported by some Singapore users.

In any case, Mr Tan said he had removed all his credit-card details from the ride-hailing apps that he uses, paying through cash, for instance, so that he does not fall victim to credit-card fraud. While he was confident that the authorities would look into the matter, he added: “What recourse do I have as a passenger? I can’t do anything.”

In a media statement, Mr Khosrowshahi, who took over at the Uber in August, said: “None of this should have happened, and I will not make excuses for it.”

Two members of the Uber information security team who “led the response” that included not alerting users that their data was breached were let go from the San Francisco-based company effective on Tuesday, according to Mr Khosrowshahi.

The Uber chief said he only recently learned that outsiders had broken into a cloud-based server used by the company or data and downloaded a “significant” amount of information. Stolen files included names, email addresses, and mobile phone numbers for riders, and the names and driver license information of some 600,000 drivers, Uber said.

Uber paid the hackers US$100,000 (S$135,465) to destroy the data, not telling riders or drivers whose information was at risk, according to a source familiar with the situation.

Co-founder and ousted chief Travis Kalanick was advised of the breach shortly after it was discovered, but it was not made public until Uber’s new boss Mr Khosrowshahi found out.

“You may be asking why we are just talking about this now, a year later,” Mr Khosrowshahi said. “I had the same question, so I immediately asked for a thorough investigation of what happened and how we handled it.”

He said that what he learned about Uber’s failure to notify users or regulators has prompted corrective actions. WITH AGENCIES

Read more of the latest in

Advertisement

Advertisement

Stay in the know. Anytime. Anywhere.

Subscribe to get daily news updates, insights and must reads delivered straight to your inbox.

By clicking subscribe, I agree for my personal data to be used to send me TODAY newsletters, promotional offers and for research and analysis.