About 100,000 New Zealand users of the Uber ride-hailing app are among the 57 million customers compromised by a recently disclosed data breach, a federal regulator revealed Thursday.
John Edwards, New Zealand’s privacy commissioner, said he learned Wednesday evening that about a quarter of the country’s roughly 400,000 Uber customers were affected by the October 2016 data breach that went unreported until late last month.
“While I am pleased the local representative of Uber has notified my office of the issue, the one-year gap between the breach and notification shows why breach notification should be mandatory,” Mr. Edwards said, Newshub reported. “When personal information is lost, individuals need to take action to protect themselves. People cannot take the action they need to take if they don’t know about the data breach in the first place.”
Uber revealed on Nov. 21 that hackers breached a database 13 months earlier and stole the personal details of 57 million riders and drivers, including their names and contact information. Uber paid the perpetrators to keep the incident under wraps, and two employees implicated in the response were subsequently terminated, according to reports.
“None of this should have happened, and I will not make excuses for it. While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes,” said Dara Khosrowshah, Uber’s chief executive since Aug. 2017.
The breach is currently under review by attorneys general in several states and the U.S. Federal Trade Commission, as well as federal regulators in nations including Australia, U.K., Singapore and the Philippines.
“We take this matter very seriously and we are happy to answer any questions regulators may have,” an Uber spokesperson told New Zealand’s Newshub. “We are committed to changing the way we do business, putting integrity at the core of every decision we make, and working hard to regain the trust of consumers.”
• Andrew Blake can be reached at ablake@washingtontimes.com.
Please read our comment policy before commenting.