IT for Business 1: An Analysis of the Uber Data Breach Incident
VerifiedAdded on 2023/06/04
|11
|2482
|129
Report
AI Summary
This report provides an executive summary and detailed analysis of the 2016 Uber data breach, examining the incident's impact on over 56 million customers, including the exposure of names, phone numbers, and email addresses. The report delves into the breach's causes, highlighting the compromise of third-party cloud services and the theft of driver's license numbers. It discusses Uber's response, including attempts to conceal the breach and pay off the hackers. Furthermore, the report presents recommendations to enhance data security, such as implementing corporate integrity programs, adopting data breach notification practices, and employing independent third-party assessments of data security. The conclusion emphasizes the importance of information technology and data security in the contemporary business environment and the necessity for companies to safeguard customer data to maintain trust and achieve success in a competitive market.
IT FOR BUSINESS
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1
UBER Data Breach
Executive Summary
In this report, the analysis will be made on the issue which is related to "UBER DATA
BREACH". The first phase of the report will explain the overall incident which took place and in
the last phase of the report recommendations will be given which will help in securing the
overall information of the customers as it can help the company to grow in the competitive
market. The information security is an important aspect towards which every company look
forward and ensure there is no gap of any data theft.
1
UBER Data Breach
Executive Summary
In this report, the analysis will be made on the issue which is related to "UBER DATA
BREACH". The first phase of the report will explain the overall incident which took place and in
the last phase of the report recommendations will be given which will help in securing the
overall information of the customers as it can help the company to grow in the competitive
market. The information security is an important aspect towards which every company look
forward and ensure there is no gap of any data theft.
1
2
UBER Data Breach
Table of Contents
Executive Summary.....................................................................................................................................1
Introduction.................................................................................................................................................3
UBER Data Breach.......................................................................................................................................3
Conclusion and recommendations..............................................................................................................5
References...................................................................................................................................................8
Appendices................................................................................................................................................10
2
UBER Data Breach
Table of Contents
Executive Summary.....................................................................................................................................1
Introduction.................................................................................................................................................3
UBER Data Breach.......................................................................................................................................3
Conclusion and recommendations..............................................................................................................5
References...................................................................................................................................................8
Appendices................................................................................................................................................10
2
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
3
UBER Data Breach
Introduction
In the present business environment, there are many companies who are facing the issue related
to Data Breach. It is necessary for the companies to emphasize and consider the techniques
which can help to maintain the entire information of the business. This report will depict the
information technology issue in the business environment. The issue which is selected for the
report is related to "UBER". This is the recent news that involves the information security breach
and this incident took place in 2016.
UBER is one of the popular ridesharing, taxi cab, and food delivery network company and
headquarter of the company is in California. In more than 784 areas the company manages their
activities (UBER, 2018). UBER introduced application as well as websites that can help the
customers to avail the services. The company was established in 2009 in the United States. The
data breach which took place in 2016 exposed the names, phone numbers and also the email
addresses of the people who are using UBER technologies INC (Mastrorillo, 2016).
UBER Data Breach
The issue in the business environment took place in 2016. UBER faced the issue related to the
data breach in 2016 that has given impact on the more than 56 million customers and the riders
and drivers. In this, the names were revealed with the phone numbers which not only impacted
the activities of the company but also affected the brand image of the company. There are more
than 50 million riders, 7 million drivers and many customers. In this around 6, 00,000 driver
license with the numbers of the drivers were also included (Etherington, 2018).
In 2016, there were two individuals who are outside the company and they accessed the user
data which was stored on the third party cloud-based services that were used by the company.
When the two individuals breached the information of the company, there were forensics experts
who were not able to analyze that the information of the company was going to the third party.
They have not seen any sign that history related to trip location, credit card numbers, bank
account numbers, and date of birth and also social security numbers were taken by the third party
(Schneider, 2017).
According to the case, the individuals were easily able to download the files which consist of the
entire data of the company. The information or the data which was breached includes the names
3
UBER Data Breach
Introduction
In the present business environment, there are many companies who are facing the issue related
to Data Breach. It is necessary for the companies to emphasize and consider the techniques
which can help to maintain the entire information of the business. This report will depict the
information technology issue in the business environment. The issue which is selected for the
report is related to "UBER". This is the recent news that involves the information security breach
and this incident took place in 2016.
UBER is one of the popular ridesharing, taxi cab, and food delivery network company and
headquarter of the company is in California. In more than 784 areas the company manages their
activities (UBER, 2018). UBER introduced application as well as websites that can help the
customers to avail the services. The company was established in 2009 in the United States. The
data breach which took place in 2016 exposed the names, phone numbers and also the email
addresses of the people who are using UBER technologies INC (Mastrorillo, 2016).
UBER Data Breach
The issue in the business environment took place in 2016. UBER faced the issue related to the
data breach in 2016 that has given impact on the more than 56 million customers and the riders
and drivers. In this, the names were revealed with the phone numbers which not only impacted
the activities of the company but also affected the brand image of the company. There are more
than 50 million riders, 7 million drivers and many customers. In this around 6, 00,000 driver
license with the numbers of the drivers were also included (Etherington, 2018).
In 2016, there were two individuals who are outside the company and they accessed the user
data which was stored on the third party cloud-based services that were used by the company.
When the two individuals breached the information of the company, there were forensics experts
who were not able to analyze that the information of the company was going to the third party.
They have not seen any sign that history related to trip location, credit card numbers, bank
account numbers, and date of birth and also social security numbers were taken by the third party
(Schneider, 2017).
According to the case, the individuals were easily able to download the files which consist of the
entire data of the company. The information or the data which was breached includes the names
3
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4
UBER Data Breach
and driver's license number of the people in the United States. Also, the private information of
57 million customers was taken. The data also consists of names, email address, mobile numbers
and the address of the customers (Romanosky, Hoffman and Acquisti, 2014).
Due to this, the information of the company was taken by the third party and also it affected the
entire operation of the company. It is necessary for the company to secure the personal data as it
can help the company to grow in the market (Naccache, Côté and Coelho, 2018). But in 2016
breach, it is investigated that intruders who are in the data storage service which was ran by
Amazon. Com also gathered the unencrypted customer private data which relates to the US
riders and drivers. It also includes 25.6 Million names and email addresses and 22.1 Million
names and mobile phones numbers and also 607,000 names and driver's license numbers
(Bloomberg, 2018).
There are many reporters who stated that the attack which took place is just because of the
attackers who managed to access the login credentials for an UBER Amazon Web services
account with the help of private GITHUB site managed by the engineers of UBER. By logging
in, the attackers got the information of the customers and the confidential information of the
company (Bloomberg, 2018).
When this incident took place, the company considered steps so that the privacy of the customers
can be maintained. Also, they focused on shutting down the unauthorized access of the people.
UBER identified the people who are engaged in this act and ensured that downloaded data has
been destroyed. It is important for the company to maintain the security with the help of cloud-
based storage accounts (Dudley, Banister, and Schwanen, 2017).
UBER also focused on implementing the security methods so that restriction can be made on the
unauthorized login and also it helps the company to maintain the control on the entire cloud-
based storage accounts. After this incident, the company tried to maintain the secret of data
breach and paid hackers approximately US$100,000 to destroy the entire data (Bloomberg,
2018).
It is important for the company to focus on destroying the data as in the business environment;
people are more inclined towards achieving the advantages or the benefits. There are competitors
4
UBER Data Breach
and driver's license number of the people in the United States. Also, the private information of
57 million customers was taken. The data also consists of names, email address, mobile numbers
and the address of the customers (Romanosky, Hoffman and Acquisti, 2014).
Due to this, the information of the company was taken by the third party and also it affected the
entire operation of the company. It is necessary for the company to secure the personal data as it
can help the company to grow in the market (Naccache, Côté and Coelho, 2018). But in 2016
breach, it is investigated that intruders who are in the data storage service which was ran by
Amazon. Com also gathered the unencrypted customer private data which relates to the US
riders and drivers. It also includes 25.6 Million names and email addresses and 22.1 Million
names and mobile phones numbers and also 607,000 names and driver's license numbers
(Bloomberg, 2018).
There are many reporters who stated that the attack which took place is just because of the
attackers who managed to access the login credentials for an UBER Amazon Web services
account with the help of private GITHUB site managed by the engineers of UBER. By logging
in, the attackers got the information of the customers and the confidential information of the
company (Bloomberg, 2018).
When this incident took place, the company considered steps so that the privacy of the customers
can be maintained. Also, they focused on shutting down the unauthorized access of the people.
UBER identified the people who are engaged in this act and ensured that downloaded data has
been destroyed. It is important for the company to maintain the security with the help of cloud-
based storage accounts (Dudley, Banister, and Schwanen, 2017).
UBER also focused on implementing the security methods so that restriction can be made on the
unauthorized login and also it helps the company to maintain the control on the entire cloud-
based storage accounts. After this incident, the company tried to maintain the secret of data
breach and paid hackers approximately US$100,000 to destroy the entire data (Bloomberg,
2018).
It is important for the company to focus on destroying the data as in the business environment;
people are more inclined towards achieving the advantages or the benefits. There are competitors
4
5
UBER Data Breach
like OLA, who emphasizes using the information of the competition as it can help them to
maintain the large customer base (Brown, 2016).
UBER took the right step to destroy the data by paying to hackers as it can help to maintain the
image in the business world. By destroying the data the chance for other competitors who are
present in the market was reduced, as they can take it as an opportunity and can use the data
which can be beneficial for them to achieve the large market share (Sanders and Pattison, 2016).
When the incident related to Data breach took place the company immediately took step to
safeguard the information and focused on shutting down the access which was not authorized
(Khosrowshahi, 2017).
Due to the data breach, the company has to face huge loss and the effect has been analyzed on
the overall trust maintained by the customers. But the company tried to maintain the trust
between the customers by stating that "we maintain transparency, integrity, and accountability".
The chief legal officer "Tony West" had given this statement so that incident which took place
can be controlled. He also stated that the company will focus on investing time in protecting the
data of the customers.
It enhanced the collaborative relationship with the customers and helped the company to achieve
the large market share. The statement given by the office was useful at that time as it affects the
thinking pattern of the customers. Just because of this it can be seen that in the present business
environment UBER is considered as one of the largest company with the large market share but
it is important to focus on securing the personal information of the people (Khosrowshahi, 2017).
Conclusion and recommendations
By emphasizing on the entire report, it is depicted that information technology in today's
business environment should be maintained. Due to information technology, there are companies
who are focusing on managing the operations and achieving the large market share. One of the
biggest companies is UBER who consider the information technology but has to face the issue
related to a data breach. The incident which took place in 2016 has affected the company in an
adverse manner but the company considered various steps which are important to be considered
so that the image of the company can be maintained.
5
UBER Data Breach
like OLA, who emphasizes using the information of the competition as it can help them to
maintain the large customer base (Brown, 2016).
UBER took the right step to destroy the data by paying to hackers as it can help to maintain the
image in the business world. By destroying the data the chance for other competitors who are
present in the market was reduced, as they can take it as an opportunity and can use the data
which can be beneficial for them to achieve the large market share (Sanders and Pattison, 2016).
When the incident related to Data breach took place the company immediately took step to
safeguard the information and focused on shutting down the access which was not authorized
(Khosrowshahi, 2017).
Due to the data breach, the company has to face huge loss and the effect has been analyzed on
the overall trust maintained by the customers. But the company tried to maintain the trust
between the customers by stating that "we maintain transparency, integrity, and accountability".
The chief legal officer "Tony West" had given this statement so that incident which took place
can be controlled. He also stated that the company will focus on investing time in protecting the
data of the customers.
It enhanced the collaborative relationship with the customers and helped the company to achieve
the large market share. The statement given by the office was useful at that time as it affects the
thinking pattern of the customers. Just because of this it can be seen that in the present business
environment UBER is considered as one of the largest company with the large market share but
it is important to focus on securing the personal information of the people (Khosrowshahi, 2017).
Conclusion and recommendations
By emphasizing on the entire report, it is depicted that information technology in today's
business environment should be maintained. Due to information technology, there are companies
who are focusing on managing the operations and achieving the large market share. One of the
biggest companies is UBER who consider the information technology but has to face the issue
related to a data breach. The incident which took place in 2016 has affected the company in an
adverse manner but the company considered various steps which are important to be considered
so that the image of the company can be maintained.
5
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
6
UBER Data Breach
Due to this incident, there are many customers who are also affected as their private information
was with the third party. At that time, the company maintained the image by considering the
strategy related to destroying the data. This was the correct step taken by the company at that
time. The information which was leaked includes 25.6 Million names and email addresses and
22.1 Million names and mobile phones numbers and also 607,000 names and driver's license
numbers. At that time the decision which was taken by the management of the company to
destroy the information was correct.
Therefore, it can be stated that it is important for the companies to focus on maintaining the
privacy as it can help them to achieve success in the competitive market. Also, if the information
is secured then it can be simple to earn more profits. When data breach in UBER took place, the
negative impact can be analyzed on the overall revenue or profits of the company. Due to this
incident, the negative effect can be seen on the level of satisfaction of the customers but the
officer of the company managed the incident with an effective strategy.
Recommendations
So, by analyzing the case it can be recommended that UBER should focus on maintaining the
security of the customers or the people who are connected with the company. If there is no
security or safety then it there is a risk of survival in the market. It is important for the company
to focus on implementing the security measures so that access to the information can be
restricted and it will also help to focus on managing the cloud-based storage accounts.
It has also been recommended that the company should implement the strategy related to
corporate integrity program for the employees so that without hesitation the unethical behavior
can be reported. The company should also adopt the model data breach notification and data
security practices so that the people who are linked with the company can be secured. It is also
important for the company to focus on hiring the independent third party to assess the overall
data security practices. If the third party is appointed then it the privacy and security of the data
can be maintained. To achieve growth it is important for the company to manage the entire data
of the company.
It has also been recommended that UBER should focus on the strategy related to notification.
This strategy should be considered by the company in which the drivers should be given the
6
UBER Data Breach
Due to this incident, there are many customers who are also affected as their private information
was with the third party. At that time, the company maintained the image by considering the
strategy related to destroying the data. This was the correct step taken by the company at that
time. The information which was leaked includes 25.6 Million names and email addresses and
22.1 Million names and mobile phones numbers and also 607,000 names and driver's license
numbers. At that time the decision which was taken by the management of the company to
destroy the information was correct.
Therefore, it can be stated that it is important for the companies to focus on maintaining the
privacy as it can help them to achieve success in the competitive market. Also, if the information
is secured then it can be simple to earn more profits. When data breach in UBER took place, the
negative impact can be analyzed on the overall revenue or profits of the company. Due to this
incident, the negative effect can be seen on the level of satisfaction of the customers but the
officer of the company managed the incident with an effective strategy.
Recommendations
So, by analyzing the case it can be recommended that UBER should focus on maintaining the
security of the customers or the people who are connected with the company. If there is no
security or safety then it there is a risk of survival in the market. It is important for the company
to focus on implementing the security measures so that access to the information can be
restricted and it will also help to focus on managing the cloud-based storage accounts.
It has also been recommended that the company should implement the strategy related to
corporate integrity program for the employees so that without hesitation the unethical behavior
can be reported. The company should also adopt the model data breach notification and data
security practices so that the people who are linked with the company can be secured. It is also
important for the company to focus on hiring the independent third party to assess the overall
data security practices. If the third party is appointed then it the privacy and security of the data
can be maintained. To achieve growth it is important for the company to manage the entire data
of the company.
It has also been recommended that UBER should focus on the strategy related to notification.
This strategy should be considered by the company in which the drivers should be given the
6
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7
UBER Data Breach
option of notification with credit monitoring. When proper credit monitoring will take place then
identifying the theft will not be a difficult task. The driver should be given the option of theft
protection services so that these types of an incident related to the data breach can be reduced. It
is important for the company to focus on securing the data of the company as it is one of the
medium that can help the competitors to achieve success in the market.
If these strategies are considered by the company then the company can easily maintain trust
between the customers which is important to accomplish goals. Also, it is the responsibility of
the company to maintain the security of the information of the customers so that operations of
the company can achieve success in the market.
7
UBER Data Breach
option of notification with credit monitoring. When proper credit monitoring will take place then
identifying the theft will not be a difficult task. The driver should be given the option of theft
protection services so that these types of an incident related to the data breach can be reduced. It
is important for the company to focus on securing the data of the company as it is one of the
medium that can help the competitors to achieve success in the market.
If these strategies are considered by the company then the company can easily maintain trust
between the customers which is important to accomplish goals. Also, it is the responsibility of
the company to maintain the security of the information of the customers so that operations of
the company can achieve success in the market.
7
8
UBER Data Breach
References
Bhuiyan,J., 2018. Uber hid a 2016 data breach that affected 57 million people. [Online].
Available at : https://www.recode.net/2017/11/21/16687794/uber-data-hack-57-million .
[Accessed on 28 September, 2018].
Bloomberg., 2018. Uber Data Breach Exposed Personal Information of 20 Million Users.
[Online]. Available at: http://fortune.com/2018/04/12/uber-data-breach-security/. [Accessed on
28 September, 2018].
Brown, H.S., 2016. After the data breach: Managing the crisis and mitigating the
impact. Journal of business continuity & emergency planning, 9(4), pp.317-328.
Dudley, G., Banister, D. and Schwanen, T., 2017. The rise of Uber and regulating the disruptive
innovator. The Political Quarterly, 88(3), pp.492-499.
Etherington, D., 2018.TC. [Online]. Available at: https://techcrunch.com/2017/11/21/uber-data-
breach-from-2016-affected-57-million-riders-and-drivers/ . [Accessed on 28 September, 2018].
Khosrowshahi, D., 2017. 2016 Data Security Incident. [Online]. Available at :
https://www.uber.com/newsroom/2016-data-breach-settlement/ . [Accessed on 28 September,
2018].
Mastrorillo, E., 2016. Getting Taken for a Ride by Uber Technologies Incorporated. Sociological
Imagination: Western’s Undergraduate Sociology Student Journal, 5(1), p.4.
Naccache, S., Côté, J.F. and Coelho, L.C., 2018. The multi-pickup and delivery problem with
time windows. European Journal of Operational Research, 269(1), pp.353-362.
Romanosky, S., Hoffman, D. and Acquisti, A., 2014. Empirical analysis of data breach
litigation. Journal of Empirical Legal Studies, 11(1), pp.74-104.
Sanders, D.E. and Pattison, P., 2016. Worker characterization in a gig economy viewed through
an Uber centric lens. Southern Law Journal, 26(2), p.297.
8
UBER Data Breach
References
Bhuiyan,J., 2018. Uber hid a 2016 data breach that affected 57 million people. [Online].
Available at : https://www.recode.net/2017/11/21/16687794/uber-data-hack-57-million .
[Accessed on 28 September, 2018].
Bloomberg., 2018. Uber Data Breach Exposed Personal Information of 20 Million Users.
[Online]. Available at: http://fortune.com/2018/04/12/uber-data-breach-security/. [Accessed on
28 September, 2018].
Brown, H.S., 2016. After the data breach: Managing the crisis and mitigating the
impact. Journal of business continuity & emergency planning, 9(4), pp.317-328.
Dudley, G., Banister, D. and Schwanen, T., 2017. The rise of Uber and regulating the disruptive
innovator. The Political Quarterly, 88(3), pp.492-499.
Etherington, D., 2018.TC. [Online]. Available at: https://techcrunch.com/2017/11/21/uber-data-
breach-from-2016-affected-57-million-riders-and-drivers/ . [Accessed on 28 September, 2018].
Khosrowshahi, D., 2017. 2016 Data Security Incident. [Online]. Available at :
https://www.uber.com/newsroom/2016-data-breach-settlement/ . [Accessed on 28 September,
2018].
Mastrorillo, E., 2016. Getting Taken for a Ride by Uber Technologies Incorporated. Sociological
Imagination: Western’s Undergraduate Sociology Student Journal, 5(1), p.4.
Naccache, S., Côté, J.F. and Coelho, L.C., 2018. The multi-pickup and delivery problem with
time windows. European Journal of Operational Research, 269(1), pp.353-362.
Romanosky, S., Hoffman, D. and Acquisti, A., 2014. Empirical analysis of data breach
litigation. Journal of Empirical Legal Studies, 11(1), pp.74-104.
Sanders, D.E. and Pattison, P., 2016. Worker characterization in a gig economy viewed through
an Uber centric lens. Southern Law Journal, 26(2), p.297.
8
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
9
UBER Data Breach
Schneider, H., 2017. Creative Destruction and the Sharing Economy: Uber as Disruptive
Innovation. Edward Elgar Publishing.
UBER, 2018.About us. [Online]. Available at : https://www.uber.com/en/in/ . [Accessed on 28
September, 2018].
9
UBER Data Breach
Schneider, H., 2017. Creative Destruction and the Sharing Economy: Uber as Disruptive
Innovation. Edward Elgar Publishing.
UBER, 2018.About us. [Online]. Available at : https://www.uber.com/en/in/ . [Accessed on 28
September, 2018].
9
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10
UBER Data Breach
Appendices
(Source: Bhuiyan, 2018).
10
UBER Data Breach
Appendices
(Source: Bhuiyan, 2018).
10
1 out of 11
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2026 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.