Breach Summary: Uber experienced a data breach in which hackers accessed the personal information of 57 million riders and drivers. Uber initially covered up the breach and paid the attackers to delete the stolen data.
How It Could Have Been Mitigated:
- Data Encryption: Uber could have encrypted sensitive data like names, email addresses, and phone numbers, making it harder for hackers to exploit.
- Incident Response Plan: An effective and transparent incident response plan would have ensured that Uber responded to the breach quickly and notified affected individuals, reducing the impact.
- MFA and Access Controls: Implementing MFA and access control measures for internal systems would have prevented attackers from accessing sensitive information with stolen credentials.
Link
Back to Blog