As of June 2016, this statement is no longer up to date. Please see an updated statement here.
In late 2014, we identified a one-time access of an Uber database by an unauthorized third party. A small percentage of current and former Uber driver partner names and driver’s license numbers were contained in the database. Immediately upon discovery we changed the access protocols for the database, removing the possibility of unauthorized access. We are notifying impacted drivers, but we have not received any reports of actual misuse of information as a result of this incident.
Uber takes seriously our responsibility to safeguard personal information, and we are sorry for any inconvenience this incident may cause. In addition, today we filed a lawsuit that will enable us to gather information to help identify and prosecute this unauthorized third party.
Here’s what we know:
- On September 17, 2014, we discovered that one of our databases could potentially have been accessed by a third party.
- Upon discovery we immediately changed the access protocols for the database and began an in-depth investigation.
- Our investigation revealed that a one-time unauthorized access to an Uber database by a third party had occurred on May 13, 2014.
- Our investigation determined the unauthorized access impacted approximately 50,000 drivers across multiple states, which is a small percentage of current and former Uber driver partners.
- The files that were accessed contained only the name and driver’s license number of some driver partners.
- To date, we have not received any reports of actual misuse of any information as a result of this incident, but we are notifying impacted drivers and recommend these individuals monitor their credit reports for fraudulent transactions or accounts.
- Uber will provide a free one-year membership of Experian’s® ProtectMyID® Alert. If impacted driver partners have questions or need an alternative to enrolling online, please call (877) 297-7780 and provide the Engagement number listed in the notification letter.
- We have also filed what is referred to as a “John Doe” lawsuit so that we are able to gather information that may lead to confirmation of the identity of the third party.
Katherine Tassi is Uber’s Managing Counsel of Data Privacy. Prior to joining Uber, Tassi spent 4 years at Facebook as the Head of Data Protection and the Associate General Counsel in charge of the global data protection program. She spent 8 years serving in the Washington State Attorney General’s Office as an Assistant Attorney General prosecuting consumer protection violations and working on high-tech litigation.
We are excited to surpass the 100th city mark by welcoming two Brazilian cities, Rio de Janeiro and Belo Horizonte, to the UberEATS family. From Atlanta to Warsaw, people have truly embraced this easy and reliable way to discover the food they love at the push of a button. Whether that’s an Indian inspired samosa, a good old-fashioned American burger or Vietnamese pho, people in 27 countries are using UberEATS to get a taste of the world’s flavors at the push of a button.
We’re excited to expand the Uber for Business platform beyond business travel, to include a world-class customer transportation solution, Uber Central. With Uber Central, organizations of all shapes and sizes can now easily provide on-demand, door-to-door transportation for their customers, clients, and guests.
A little over a year ago, we set out to put a new spin on an old classic–make reliable food delivery available at the tap of a button. Back then, we started by offering food in the UberEATS app from 1,000 pioneering restaurant partners in four cities. And today, more than 40,000 restaurants globally–from poke shops to pasta spots–are sharing food with customers through UberEATS. With a growing restaurant community comes more choices and more complexity. So we’re cooking up features to continue to make UberEATS easy and reliable. Here is a taste–