Uber should investigate own databases after claims of bogus fares

Supported By:

Net Patrol International Inc.  Data Investigation and Forensic Services
Bankruptcy and Insolvency Trustees

A string of complaints by customers charged for Uber trips they say they never took has security experts calling on the ride-hailing company to launch a formal investigation to make sure its databases haven’t been breached. After CBC News reported on the story of Laura Hesp, who lives in Toronto but was billed for an Uber ride taken on her account by someone in Poland, several others came forward to report similar experiences.

Customer incidents result of phishing scam?

Uber has warned customers incidents like this may be the result of phishing scams, but experts CBC News spoke to think the company should investigate to rule out the possibility that its own databases have been hacked. The stories begin the same way. A person receives an unexpected email confirming an Uber cab is minutes away — except the customer hasn’t ordered one and the trip is thousands of kilometres away in another country.

Possibility that Uber databases have been hacked

The ride-hailing service has been breached before. An investigation by Uber in September 2014 found one of the company’s databases was accessed by a third party, leaving the names and driver’s licence numbers for approximately 50,000 drivers exposed. The breach also affected up to 200 drivers’ banking information and social insurance numbers of up to 100 drivers.

Read more about Uber and phishing scams as CBC News.

This article is summarized by Canadian Fraud News Inc.