In late November, Uber acknowledged that they had covered up a global cyber breach where personal information of 57million drivers and customers was exposed in October 2016. At the same time, Uber confirmed that it had paid the hackers involved $100,000 to delete the data and stay quiet in an effort to prevent the scandal being made public.
In the wake of the announcement, Uber has now dismissed chief security officer, Joe Sullivan and CEO Dara Khosrowshahi, who was not with the company at the time of the hack, said: “None of this should have happened.”
Uber is by no means the only company that has fallen victim to cyber-attacks in the past few years with organisations such as Yahoo, Myspace and eBay experiencing comprised accounts in the hundreds of millions bracket, however it is the apparent absence of transparency that places the Uber and its former leadership team in a negative light.
James Dipple-Johnstone, ICO deputy commissioner, said in a statement: “It’s always the company’s responsibility to identify when UK citizens have been affected as part of a data breach and take steps to reduce any harm to consumers. Deliberately concealing breaches from regulators and citizens could attract higher fines for companies.”
Cyber-crime is an increasing threat amongst UK businesses, with 1 in 5 British businesses experiencing cyber-attacks in the last 12 months. The increasing number of media reports of cyber-attacks and ransomware has highlighted how important it is for any sized business to invest in cyber security and be transparent with their clients and regulators. Your business, no matter how small is at significant risk of Cyber Crime. Ransomware, botnets and phishing are all tools used by hackers to gain information and to access your business systems.
Statistics indicate that 58% of UK businesses have sought advice, guidance or information about cyber security threats in 2016-17. This displays the extent to which UK businesses don’t see themselves as potential victims of cyber criminals. This blasé attitude not only risks the security and trust of customers but also endangers the relationship with suppliers, therefore jeopardizing lucrative supplier contracts.
CNS has been at the forefront of cyber-security solutions with the assistance of the U.K. government implementing the “Cyber Essentials” scheme with the aim of increasing the cyber safety of UK businesses. Cyber Essentials is a UK Government certification which allows businesses to validate to their customers, suppliers, investors and insurers that they have administered essential security controls to manage their cyber risk. Cyber Essentials can reduce your risk of attack by up to 80%.