The massive breach dates from October 2016 and was hidden by the embattled ride-sharing firm which paid the two hackers responsible $100,000 to then delete the data and keep quiet
Related:
Hacker Mines Data from South American, South East Asian Diplomatic Targets
The data hacked from October 2016 attack included names, email addresses and phone numbers of over 50 million Uber riders from around the world, the company told Bloomberg, who broke the story on Tuesday.
At the time of the incident, Uber was negotiating with U.S. regulators investigating multiple claims of privacy violations.
“None of this should have happened, and I will not make excuses for it,” Dara Khosrowshahi, who took over as chief executive officer in September, said in a statement. “We are changing the way we do business.”
This is yet another embarrassing revelation coming from a company well known for ignoring regulations.