Uber, the ride-sharing company, joined the growing list of companies that have undergone massive data breaches of their customers and employees personal information. It now seems to be a frequent occurrence to wake up to another announcement of data breaches and identity theft. Here is some information about the Uber data breach to help you determine if you are affected by it, and the steps you can take to protect your identity.
Details about the Uber data breach
Uber revealed that hackers got the records of 57 million of the company’s riders and drivers in this most recent data breach. This latest revelation, following in the wake of announcements by Equifax, LinkedIn and Yahoo, should serve as a wake-up call to take steps to protect your personal identifying information and to learn what to do in the event it is compromised.
According to the disclosure by Uber, the Uber data breach by two hackers actually occurred a year before the company revealed it to the public. Instead of immediately disclosing the theft to the drivers and Uber account holders, the company paid $100,000 to the hackers in exchange for their promise to destroy what they stole. The company also demanded a nondisclosure agreement from the individuals and kept the breach a secret for almost a year.
Uber Information stolen included:
- Theft of driver and rider names
- Driver’s license numbers of Uber Drivers
- Email Addresses
- Phone Numbers
An internal investigation discovered the cover-up. The failure to announce a breach of consumer personal data could be a violation of state laws, according to the NY Times report. A delay might have prevented consumers from acting quickly to protect themselves against someone using the stolen information.
How does the Uber data breach affect me?
Although news reports placed the total number of people affected by the Uber data breach at 57 million, the announcement by the company shows the impact in the United States to be slightly less with 600,000 drivers and 25.6 million riders being victims of the theft.
The type of data stolen in the Uber breach could be used by criminals in several ways, including:
- Stolen emails can be used to gain access to passwords for your Uber account or accounts you might have with other companies.
- Distributing email containing viruses or malware.
- Gaining access to your financial accounts, including credit cards and bank accounts.
- Personal identifying information can be used to open credit accounts under your name without your knowledge.
It is never too late to take steps to protect your identity and the privacy of your personal data.
How to protect your information after identity theft?
Even if you do not have an Uber account, your personal data could still be at risk. There are steps you can take right now to protect yourself from the effects of this and other breaches, including:
- Sign up for a credit monitoring service to alert you of fraudulent use of your personal information to obtain credit or other forms of identity theft. Companies offering this service charge monthly fees, so be sure you review all terms and conditions closely.
- Contact the Social Security Administration to protect your SSN.
- Monitor your credit card and bank statements each month to detect any activity that appears suspicious. If you discover any suspicious activity, notify the credit card company or your bank immediately.
- Change the passwords you use for online financial transactions. Using long and complex passwords with symbols, numbers and capital letters help provide the most protection. You should avoid using the common words or the same password on all of your accounts. Using a unique password for each account is a best practice to follow.
- Consider freezing your credit. Freezing your credit through credit reporting agencies prevents anyone, yourself including, from taking out a loan or applying for credit cards. Once you freeze your credit, you must unfreeze it in order to complete any type of transaction for which a credit report will be ordered. A freeze prevents the credit reporting agencies from releasing your credit report to anyone requesting it.
- Order a free credit report and check it for unusual activity or inaccurate information. The Federal Trade Commission offers consumers a free annual credit report.
- Don’t delay filing your income tax returns. Someone in possession of your personal information could file a fraudulent return with the Internal Revenue Service in an effort to get a refund in your name.
Protecting your identity
You might also consider signing up for identity protection through private companies offering such services. The services monitor your credit report activity at the credit reporting agencies and notify you of suspicious activities that could indicate identity theft, including:
- Requests for credit reports
- Credit card or loan account newly opened in your name
- Late payments or defaults
- Changes in credit limits on financial accounts
- Changes in personal information
Companies offering identity monitoring usually offer services to help you when someone steals your identity. This might include assistance contacting credit reporting agencies, creditors and others as you attempt to halt the damage done by the identity theft.
You can protect yourself and your personal information by knowing the source of emails and calls seeking personal information. One way to do this is to conduct public records searches and newspaper archive searches to verify the legitimacy of companies and services you are using.