It just came to light that the 800 pound guerrilla of ride-sharing, Uber, had a massive data breach. That in and of itself is bad, considering approximately 57 million people had their personal information stolen. What makes it worse is that Uber didn't let anyone know until one year after the breach. As in almost all cases, the cover up is worse than the original sin.
How did it happen? The attackers accessed a private GitHub coding site used by Uber engineers and were able to access information pertaining to both riders and drivers that was contained at Amazon Web Services ie. the "cloud". Who says the cloud is always safe?
What did Uber do besides covering the breach up? All signs point to them paying off the bad guys to give the information back. Somehow, I don't have a great feeling that the hackers would be very honorable in truly returning the information. Also, paying a ransom is not wise in most any case.
What's next? Uber's reputation has taken a big hit, chiefly due to its cover up. Also, can you say "class action lawsuits"? And of course it's still to be determined how the bad guys will use this absconded information of millions of folks.
One final nugget-everyone will start getting fake emails saying things like"Your Uber account has been compromised, so please change your password". And, these likely will be a scam to convince paranoid and unsuspecting consumers to give up more personal information. In any case, don't click on any suspicious emails from Uber!