In October 2016, Uber experienced a data security breach related to rider and driver accounts. The company has since shared that approximately 380,000 riders and drivers were affected in Singapore.
"This is an approximation rather than an accurate and definitive count because sometimes the information we get through the app or our website that we use to assign a country code is not the same as the country where a person actually lives," the company said online.
Riders' information that was stolen included the names, email addresses, and mobile phone numbers related to accounts globally. "Our outside forensics experts have not seen any indication that trip location history, credit card numbers, bank account numbers, or dates of birth were downloaded," Uber said.
According to Uber, the company took immediate steps to secure the data, shut down further unauthorised access, and strengthen its data security when the incident occurred, and does not believe any individual rider needs to take any action. "We have seen no evidence of fraud or misuse tied to the incident. We are monitoring the affected accounts and have flagged them for additional fraud protection," Uber said online.
In early December, Uber and ComfortDelGro in Singapore entered into a strategic agreement whereby ComfortDelGro will acquire a 51% stake in Uber’s wholly-owned car rental subsidiary in Singapore, Lion City Rentals (LCR). Uber will retain a 49% ownership stake in LCR, maintaining a very active role in the company, in addition to holding three of the seven seats on LCR’s board. The Uber and ComfortDelGro brands and mobile applications will continue to operate independently.
"This is an approximation rather than an accurate and definitive count because sometimes the information we get through the app or our website that we use to assign a country code is not the same as the country where a person actually lives," the company said online.
Riders' information that was stolen included the names, email addresses, and mobile phone numbers related to accounts globally. "Our outside forensics experts have not seen any indication that trip location history, credit card numbers, bank account numbers, or dates of birth were downloaded," Uber said.
According to Uber, the company took immediate steps to secure the data, shut down further unauthorised access, and strengthen its data security when the incident occurred, and does not believe any individual rider needs to take any action. "We have seen no evidence of fraud or misuse tied to the incident. We are monitoring the affected accounts and have flagged them for additional fraud protection," Uber said online.
In early December, Uber and ComfortDelGro in Singapore entered into a strategic agreement whereby ComfortDelGro will acquire a 51% stake in Uber’s wholly-owned car rental subsidiary in Singapore, Lion City Rentals (LCR). Uber will retain a 49% ownership stake in LCR, maintaining a very active role in the company, in addition to holding three of the seven seats on LCR’s board. The Uber and ComfortDelGro brands and mobile applications will continue to operate independently.
Brooks Entwistle, Chief Business Officer of Uber’s business in Asia Pacific said at the time, "This strategic collaboration is good news for our two companies, it is also great for riders, drivers and for Singapore. ComfortDelGro shares our vision for the future of urban mobility, and with this joint venture Comfort and Uber can accelerate this shared vision of the future, powered by technology that unlocks the true potential of Singapore, for everyone, everywhere.
"This joint venture is also a testament to the tremendous potential of ridesharing technology in this highly competitive local transportation market, and to our commitment to partnering for greater growth as we continue to build a sustainable global business."
Editor's note:
Uber is a common target for cybercriminals who have obtained stolen credit card details. They may open an Uber account with the details, and typically start with a small transaction to test the waters, growing increasingly bolder with larger transactions over time, all small enough not to raise any alarm bells with the card-issuing bank. Several transactions are made a day, every day. Some people have also seen mystery transactions in the Uber or UberEATS accounts they own. It pays to check Uber as well as credit card accounting records carefully to nip any suspicious activity in the bud.
I discovered my own Uber credit card scam by chance, several days after cybercriminals began charging my credit card for rides in Sydney, Australia. In less than a week, the cybercriminals had racked up over S$1,300 in Uber charges.
The banks are quite familiar with Uber-related thefts and will typically block the existing credit card and replace it with no questions asked. The opportunity cost is however with the owner of the credit card who has to do without a credit card for several days, while they wait for their new card to arrive.