BREAKING NEWS: Uber concealed for more than a year that hackers had stolen data from 57 million Uber drivers and customers, according to a report Tuesday.

Uber attributed the hack, which occurred in late 2016, to two individuals who accessed the data through a “third-party cloud-based service.” The company said its internal servers were not compromised.

The hackers stole the names and driver’s license numbers of roughly 600,000 Uber drivers, as well as the names, email addresses and phone numbers of some 57 million users. Uber says user credit card numbers, bank account numbers and social security numbers were not exposed and is providing free credit monitoring to impacted drivers.

“None of this should have happened, and I will not make excuses for it,” Uber CEO Dana Khosrowshahi said in a blog post. “While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes. We are changing the way we do business, putting integrity at the core of every decision we make and working hard to earn the trust of our customers.”

FYI.

I imagine everyone in the world must have free credit monitoring by now from these hacks.

Uber paid the hackers $100,000.

https://www.bloomberg.com/news/articles/2017-11-21/uber-concealed-cyberattack-that-exposed-57-million-people-s-data

Uber paid the hackers $100,000.

https://www.bloomberg.com/news/articles/2017-11-21/uber-concealed-cyberattack-that-exposed-57-million-people-s-data

Wow. Hmmm.

We will make no distinction between the terrorists who committed these acts, and those who harbor them??

…ANYWAY…

^ I just immediately assume that it was/is/will be the fucking Norks.

Please continue.

ALSO,

That Bush quote I inserted two posts back doesn't really address what I was trying to communicate (that being whether a hack could even be considered an act of terror and/or do we pay ransoms in this type of situation. Also-also, I dressed it up really nice with vBulletin tags and am too lazy to fix it) Also-also-also, anything hacker’y immediately makes my lizard brain think it's the Norks.

Please, continue.

Hey dude, Mr. Sbee here.

I was just wondering if you were bored enough to keep the Uber Hack thread you started going. And, like, pretend to be interested in what I posted there.

Reeeally sitting on my hands here. Makes you wonder what I'm doing with my thumbs…

- S.B./Ben G.

Alright.


HOLY FUCK CAN YOU GUYS BELIEVE IT? UBER HACKED A YEAR AGO AND THEY TELL NO ONE!

Alright.


HOLY FUCK CAN YOU GUYS BELIEVE IT? UBER HACKED A YEAR AGO AND THEY TELL NO ONE!

Yippee.

Yes, generally, the federal government advises against paying hackers but there aren't rules against it so most corporations will end up paying. As for who did it.. sure it could be the Norks but attribution is incredibly difficult for situations like this, expensive too.

Yippee.

YIPPEE KI YAY MOTHERFUCKER

Yes, generally, the federal government advises against paying hackers but there aren't rules against it so most corporations will end up paying. As for who did it.. sure it could be the Norks but attribution is incredibly difficult for situations like this, expensive too.

See, I can't wrap my head around the idea of a scenario where the Norks, geographically, were 110% to blame. Or if it was spread out, but clearly ISIS.

Does the status quo of standoffishness merit whether we comply with a monetary sum? Thin lines.

Norks have agents operating in other countries. Also, this doesn't have to be the act of a nation state, plenty of non-state criminal entities with the know how and motive to carry out black hat attacks.

Norks have agents operating in other countries. Also, this doesn't have to be the act of a nation state, plenty of non-state criminal entities with the know how and motive to carry out black hat attacks.

But if we can definitively place blame on an extremely hostile and/or bonafide terrorist entity, then, eh, does the field of politics come into play and start to mandate whether or not we pay a ransom for a data hack?

And then what starts to happen? Is it somehow governed that the playing field be leveled and we trade .DAT hacks tit-for-tat, even with our worst enemies?

There is a bill that was introduced in Congress last month called the Active Cyber Defense Certainty Act which would allow individuals and corporations to hack back when they have been targeted. It's an incredibly stupid idea and would potentially cause far more problems.

YIPPEE KI YAY MOTHERFUCKER

Alright, Bruce :thumbup:


There is a bill that was introduced in Congress last month called the Active Cyber Defense Certainty Act which would allow individuals and corporations to hack back when they have been targeted. It's an incredibly stupid idea and would potentially cause far more problems.

…

I … don't even want to begin thinking about how this would reach a zero hour and then how in fuck's sake some sort of RFA, or RFP gets pushed forward and gives the green light to … yeah, brain hurts.

It's a terrible idea with 0 chance of passing. Virtually no one in the infosec field thinks it's a good idea but you have some people that don't know better.. think if someone hacks their company and steals data then it would be okay to hack the person back and delete the stolen data. It doesn't work that way though. For starters the average time before a company realizes it has been hacked is somewheres between 100 and 200 days... Then there's the only issue of escalation. Say a company hacks back but hits the wrong target or unleashes malware against another country.

Candor should probably just DDOS the ever-boundless universes.

I open my .DATs with notepad B)

I open my .DATs with notepad B)

I open my deltrees with *fzzzzt* *bleep* 01110011 01101001 01100111 01101110 01101001 01101110 01100111 00100000 01101111 01110101 01110100

i love u
-fhqwhgadshgnsdhjsdbkhsdabkfabkveybvf

I open my deltrees with *fzzzzt* *bleep* 01110011 01101001 01100111 01101110 01101001 01101110 01100111 00100000 01101111 01110101 01110100

i love u
-fhqwhgadshgnsdhjsdbkhsdabkfabkveybvf

reported.

reported.

Reporting your report.

Also, reporting myself. Good day sir.