In Case You Missed it: Uber and Sacramento Regional Transit Hacked

This week, both Uber and the Sacramento Regional Transit system made headlines for cybersecurity incidents. 

The trouble started on Monday, when a hacker forced Sacramento Regional Transit to halt operating systems that assign train and bus routes, and process credit card payments.

“We actually had the hackers get into our system, and systematically start erasing programs and data,” stated Deputy General Manager Mark Lonergan.

Sources indicate the hacker demanded a ransom in Bitcoin, however it is not clear whether the company actually made the payment. The hacker did, however, manage to force the computer systems to be taken down and deleted 30 million files in the process.

Uber, meanwhile, was involved in an ugly mess that actually started back in October, 2016.

Uber today confirmed that the company paid hackers $100,000 to stay quiet after an October, 2016 data breach resulted in the disclosure of the data of 57 million customers. The breach included email addresses, names and mobile phone numbers as well as the names and drivers license numbers of 600,000 drivers. Other sensitive information included credit card numbers, trip location histories, bank account numbers and Social Security numbers.

Uber is now in hot water for silencing the attack, instead of announcing the breach to law enforcement and customers as is proper protocol.

Uber maintains that none of the data was used malevolently.

“We do not believe any individual rider needs to take any action,” the company statement. “We have seen no evidence of fraud or misuse tied to the incident. We are monitoring the affected accounts and have flagged them for additional fraud protection.” 

The company will now offer impacted drivers with free credit monitoring and identity theft protection.