Uber admits some PH users’ data exposed | Inquirer Business

Uber admits some PH users’ data exposed

/ 05:05 AM November 29, 2017

The personal information of a yet undetermined number of Filipino Uber users have been compromised in a breach late last year, a hack that the company’s US office deliberately hid from the public for more than a year.

This is according to the National Privacy Commission (NPC), which said that Uber Philippines wrote to the agency on Monday to confirm that data on Filipino users were among those compromised in the hacking in October last year.

It was uncertain how Uber could confirm this while it had claimed it could not give the extent of the impact of the data breach.
Regardless of whether the data were used for fraud and other purposes or not, NPC said concealing the breach “bears serious consequences” under the law.

Article continues after this advertisement

“In that letter, Uber confirmed to us that personal information of Filipinos were exposed in the data breach,” Privacy Commissioner Raymund Liboro said in the statement.

FEATURED STORIES

“Unfortunately, Uber failed to provide the details that we expect from personal information controllers about data breach notifications, such as the actual number of Filipinos affected, and the scope of their exposure.”

It has been more than a week since Uber Technologies Inc. admitted that it was hacked in October 2016, with “some personal information of 57 million Uber users” all over the world compromised. How this impacted Filipino users remains uncertain, even to the NPC.

Article continues after this advertisement

While the ridesharing company assured the public that necessary actions had been made, Uber still purposely hid the information from the public until months into the term of its newest chief executive officer. Uber Philippines, for its part, claimed it did not have prior knowledge about the breach.

Article continues after this advertisement

“While Uber has repeatedly asserted that there has been no evidence of fraud or misuse tied to the incident, the concealment of a data breach bears serious consequences under the Data Privacy Act of 2012,” Liboro said.

Article continues after this advertisement

Under the Data Privacy Act of 2012, concealing security breaches that involve sensitive personal information face a penalty that could reach up to five years of imprisonment and a fine of about P500,000.

The necessary punishments, according to the law, would be slapped on people who—after learning about the breach—decided to conceal the fact, whether done intentionally or by omission.

Article continues after this advertisement

“If so qualified, those responsible for the concealment of the breach and for the exfiltration of the data may face serious civil and criminal liability,” Liboro said.

NPC is cooperating with its counterpart authorities in Australia and the United States on this matter, he added.

Uber representatives deferred from commenting on the issue, even when asked about the number of its active Uber users to-date.

In an information page under the “Accounts and Payment” option menu in the help section of the app, Uber said “we do not believe an individual rider needs to take any action,” Uber said in its app.

According to the blog post made by Uber CEO Dara Khosrowshahi, the hackers were able to download names,
e-mail addresses and mobile phone numbers of users across the globe and the driver’s license numbers of drivers in the United States. Other pieces of data were not breached,

The company said no other piece of data was stolen. Later, news organizations reported that Uber paid hackers $100,000 to destroy the stolen data.

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our daily newsletter

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

Liboro said Uber had claimed there was “no indication” that any information on Filipino drivers’ licenses were downloaded.

TAGS: Business, Uber

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our newsletter!

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

© Copyright 1997-2024 INQUIRER.net | All Rights Reserved

This is an information message

We use cookies to enhance your experience. By continuing, you agree to our use of cookies. Learn more here.