I admit it. I’m one of the only folks (or so it seems) that doesn’t like Uber. Maybe now that they have a different CEO…. Nah, who am I kidding.

(I’ve written about the “compensation” they provide their drivers before.)

And, not because Uber let hackers glom information in 2016 on their drivers and their customers- all 57 million of them. (Only 600K were drivers- and their driver’s license information was exposed; the rest of the thefts involved consumer data.) No! After all, now the thieves have your name, your phone number, and your eMail addresses. Uber claims that no credit card information or trip location history was stolen. (That last fact would mean that your credit card company won’t think twice if a bogus charge appears. After all, you could have been there before!)

No. Not even because they waited a whole year to tell us about it. (This is among the reasons why I have doubts that credit card or trip location data wasn’t stolen. After all, why else would you wait a year to let your customers know?) And, their new CEO, Dara Khosrowshahi, knew about it for months- without divulging a clue. (Oh, yeah! He claimed he was waiting for a plan to be developed. Anyone buying that bridge?)

No, it’s because of all that- and that they paid these hackers $ 100K if the hackers promised to erase the data and keep their exploits private. (Pinky swear? Sure they erased that data. Data that would be worth at least thrice that amount on the black market.)

Moreover, I detest Uber’s demands that I have location services activated. I don’t want to be tracked. It wasn’t fun when that happened to me in the 60’s and 70’s and I have no desire to AGREE to be tracked now.

Yes, I know that paying ransom is cheaper than fixing a breach. But, most of those breaches that demand money involve your computer locked up tighter than a chastity belt. But, I’m sure the Ransomware crooks are going to start effecting these sort of attacks wholesale soon enough. (Your money or we’ll publish all those eMails to embarrass you. Oh, wait. They’ve done that already to the DNC and Hilary, right?)

Oh, and you know what? Each time such creeps pay the hackers, it emboldens the hackers to attack someone new. After all, they got away with it once! And, hackers are among the most social folks out there. They share modes to break into computers. They share success stories. And, they learn from one another.

I think the big reason Uber kept the breach quiet was because they feared losing permission to grow their services to yet another city. (Many cities are already not thrilled that Uber flaunts their taxi regulations.) Or, that regulators (whom they never notified!) would slap them with heavy fines for leaving our data at risk- and for not telling us about it right away.

You probably don’t know how this breach occurred.  Hackers hit a private GitHub site used by Uber’s engineers. (Obviously, it wasn’t too private!) The engineer’s log-in credentials were stored there- and then, with that access, the hackers easily sucked the data from Uber’s Amazon Web Services account.

And, you still ARE using Uber???????

 

 

(By the way, if you don’t know what the title means, try it here…)

 

 

Time’s awasting.  If you are a senior (over 65), Open Season for Medicare has come and gone.   

But, if you are under 65, then you’ve got just 5 days  (including today)  to pick the best PPACA/Obamacare option to cover yourself and your family.   (As of now, there still is a 2.5% penalty if you don’t get yours!)