The startup company, Uber, announced yesterday that 57 million of its rider and driver data were compromised, and $100,000 was paid to hackers to delete the stolen data. Even though Uber was aware of the breach in November 2016, a month after the incident, the company decided to stay silent until now. The hackers stole riders’ personal information such as names, email address and phone numbers, and the license numbers of around 600,000 drivers in the United States were included in the breach. Fortunately, the company doesn’t believe any social security numbers, dates of birth or credit card information were compromised.
Dara Khosrowshahi, who became Uber’s CEO in August, recently learned of the breach and has launched an investigation into why the regulatory authorities and the parties affected were not informed. Uber said it is providing free credit monitoring to drivers who had their license numbers exposed.
Following any high-profile data breaches, everyone should take measures to stay safe and secure on and offline. They should monitor all activities on their financial and credit card accounts, lock down their login information by using two-factor authentication, review any information from their insurance companies and/or explanation of benefits, and we strongly urge everyone to sign up for an identity protection service that includes credit and identity monitoring. However, everyone should be weary that not all monitoring services will protect them equally. We encourage individuals who are evaluating identity protection services, and businesses who are evaluating such third-party services to offer, to compare the monitoring capabilities and the quality of the customer service.
Comprehensive monitoring services should include internet surveillance, compromised credential monitoring, and credit monitoring. The monitoring should also include alerts so that if a customer’s information is detected in the black market, they can quickly assess and work with resolution experts to minimize any impact.
Some recommended information to monitor includes:
- Social Security number
- Email addresses
- Date of birth
- Debit/credit cards
- Bank account numbers
- Insurance card/policy number
- Drivers’ license number
- Loyalty card numbers
- Affinity card numbers
- Passport number
Even though the incident took place over a year ago, we recommend all consumers to register their telephone numbers with the National Do Not Call Registry to reduce unwanted telemarketer calls. In addition, be on the lookout for a potential influx of phishing emails supposedly from the organization breached or other trusted service providers. Consumers should be particularly watchful of such emails and consider investing in additional cyber protection, like that included in our online data protection suite.
Lastly, your customers and employees may be on the receiving end of a breach notification and need assistance of a resolution specialist. It’s critical to ensure that the protection includes a team of experts they can rely on. It’s in this service feature where most identity protection providers truly stand apart – some focus on maximizing calls per hour whereas others focus on quality of the care offered. We, proudly, are the latter. Our certified, award-winning Resolution Center teams are available 24/7, every day of the year to provide empathetic and patient assistance that puts people first.
To learn more about protecting your customers’ and employees’ data with Generali Global Assistance identity and digital protection, request a demo.