Privacy czar wants explanation for Uber hack
Canada’s Office of the Privacy Commissioner has asked Uber for more information about how a massive security breach that saw hackers steal personal information from millions has affected Canadians, but said Wednesday it has not yet opened a formal investigation.
Uber revealed on Tuesday that hackers accessed user data stored on a third-party cloud-based service more than a year ago and downloaded personal information — including names, email addresses and phone numbers — from 57 million users. The hackers also stole names and driver’s licence numbers from about 600,000 U.S. drivers. The company said it has fired two employees who led the response to the hack.
A spokesperson for the Office of the Privacy Commissioner of Canada said Uber advised the government it was not able to confirm how many Canadians were affected by the breach.
“We have not opened a formal investigation,” Valerie Lawton, a Privacy Commissioner spokesperson, said in an emailed statement. “We have asked Uber to provide us with a written breach report, in which we would expect them to provide details about how the breach happened and about the impact on Canadians.”
Authorities in the United States and the United Kingdom have launched investigations into the breach.
Uber Canada spokesperson Susie Heath said the company is “working closely with regulatory and government authorities globally,” including the Canadian government.
“Until we complete that process, we aren’t in a position to get into more detail,” she said in an emailed statement.