Uber is a travel and delivery service that was founded in California in 2009. The company’s “about us” page focuses on the importance of movement, and providing sustainability throughout the world. The company proclaims it’s goal to go fully electric, zero commission vehicles in the future. (Uber, N.D) The company however, has not always been known for it’s transparency.
The Breach
In October of 2016, Uber announced that the data of about 57 million riders, and drivers were potentially compromised. This was further complicated when Uber did not initially contact authorities, and instead offered the hackers $100,000 to delete the stolen data and keep the breach a secret.(Trend,2017) These hacks gave the hackers access to the sensitive information of many who use and work for the service, and the companies initial reaction was to cover up the breach, and avoid accountability for the act. This attempt to cover up the breach resulted in the company’s former chief security officer Joseph Sullivan to be sentenced to three years probation, and was ordered to pay a fine of $50,000.(APNews,2023)
Implications
The immediate implications for the brand were that Uber is not a company that the consumers and employees can trust. Ubers attempt to cover a breach of such sensitive information is a clear declaration that the potential feared fallout more than they cared for the safety of others. This not only makes consumers doubt that Uber has their best interest at heart, and may move on to other ride apps. Another issue is that the investigation by authorities was also likely hindered by the brand due to their delay in reporting the issue. Had Uber reported the issue immediately, perhaps this hack could have not been as extensive, and they would have not further caused damage to their brands reputation and trustworthiness. In Uber’s information page they claim that their riders may have had their names,email addresses, and mobile phone numbers accessed by these hackers. There is no mention of their attempt to pay off the hackers to delete this information and stay quiet. Instead the company just claims that immediate steps were taken to secure the data and prevent further breaches.(Uber,N.D)
What Should Have Been Done
In lieu of attempting to cover up a felony, Uber should have immediately contacted authorities, and inform those who may be affected. Yes this decision would have had backlash, yes public opinion on the brands safety could be skewed, but is the ethical thing to do. Uber did not do this, and instead attempted to cover up their problem, and never inform the public of the potential threat to it;s sensitive personal information. Other than simply being the ethical option, reporting this breach immediately could have protected Uber’s image in the long run. Now instead of just being a brand that experienced a complex hack, they have created a reputation of a brand that will cover up their shortcomings and not be honest with their consumers.
Sources
Uber breach exposes the data of 57 million drivers and users. Trend Micro (US). (2017, November 22). https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/uber-breach-exposes-the-data-of-57-million-drivers-and-users#:~:text=In%20a%20highly%20publicized%20data,notify%20legal%20authorities%20and%20regulators.
AP News. (2023, May 5). Ex-uber security chief sentenced for data-breach cover-up. AP News. https://apnews.com/article/uber-data-breach-coverup-sentenced-san-francisco-05b2ded36daf55012f03651cf2c7c931
https://www.uber.com/us/en/about/?uclick_id=d8d7c7fc-fe64-4257-9d01-86bf41888879
marketing mix 
Leave a comment