Pages

Friday, November 24, 2017

Remind me to sign up for Lyft

Over the last couple of years, I’ve become a pretty regular Uber user. Oh, I like to support cabbies, as I know they make better money than Uber. But you can’t beat the convenience of Uber. Call a cab, and there’s the crapshoot waiting. Will they show up, won’t they show up. And when will they show up. No way of ascertaining any of this without calls back to the dispatchers.

With Uber? You watch the little cartoon car make it’s way down the street to the pick up location. Three minutes away… Two minutes away… Arriving…

Plus Uber is a lot cheaper than taking a cab.

So I always give the Uber driver a good tip (in cash).

And, unless they’re all liars, most of the drivers I’ve had – and I do talk to all of them – don’t mind driving for Uber.

But I do know, of course, that Uber is a crappy company.

They don’t treat their non-employees all that well. And they don’t treat their employee-employees all that well, either. The work environment is reputedly toxic, especially for women. Last summer, Travis Kalanick was forced out, mostly for being a tyrant and an all-round shit.

And now this…

Hackers stole the personal data of 57 million customers and drivers from Uber Technologies Inc., a massive breach that the company concealed for more than a year. This week, the ride-hailing firm ousted its chief security officer and one of his deputies for their roles in keeping the hack under wraps, which included a $100,000 payment to the attackers. (Source: Bloomberg)

What did the hackers get? Oh, just the names, email addresses, and phone numbers of 50 million Uber users, including I suppose mine. According to Uber – oh, so trustworthy – no credit card info or trip location deets were snagged.

As for driver info, personal information was hacked on 7 million drivers, among it, the driver’s license numbers for 600K of the drivers in the U.S. According to Uber – oh, so trustworthy – no Social Security numbers were snagged.

Uber should have reported the hack to regulators and to the drivers whose info was compromised. And I don’t know what the legalities are here, but shouldn’t I and the other 49,999,999 million Uber users have been told that some of our personal info was lifted, even if it wasn’t our credit card numbers? Perhaps Equifax can guide them here…

Uber acknowledges that they shoulda done a better job, but:

said it believes the information was never used but declined to disclose the identities of the attackers.

Because we should trust the goodness and integrity of hackers?

Okay, these must have been low-end, amateur hour hackers to settle for a $100K payoff. Weren’t they aware of how much Uber is worth, at least on paper?

Uber assures us that all is well:

“At the time of the incident, we took immediate steps to secure the data and shut down further unauthorized access by the individuals,” [Kalanick replacement CEO Dara] Khosrowshahi said. “We also implemented security measures to restrict access to and strengthen controls on our cloud-based storage accounts.”

Why am I not assured?

On the to do list: download the Lyft app.

No comments:

Post a Comment