preview

Uber Security Breach

Decent Essays

The internet connection and technology has brought great progress, prosperity, innovation, and life improvement of the society, along with these benefits laid the dark side of the connected world. Any organization or individuals when connected to the virtual world, stand risking harm from nefarious activities and characters who also roam the internet with malicious and self-benefiting intentions.

Uber; the San Francisco based innovative and popular ride booking service platform provider which matches riders to nearby Uber drivers for transport was hacked and approximately 50,000 Uber drivers’ private information was affected by this data breach. This paper will examine Uber’s security policy and culture, leading to the breach, also the motivation, …show more content…

Correspondingly, the lack of comprehensive information security policy as one of the most critical aspect of their business created holes in their security practices. The breach had placed Uber drivers into possible danger of their identities being utilized for criminal activities, their PII exposed, would these drivers feel safe to continue to drive as Uber partners? The loss of reputation in the part of Uber can be translated into loss of business. How were these drivers affected psychologically when notified by Uber of their PII has been compromised? Many victims of PII theft felt “violated”, if their names were used for other malicious activities or if their credits are damaged, devastation can ensue (Fortinger & Zigeler), it would be a long and difficult road to clear them and recover from those damages. I can imagine, as I was also affected by the breach of OPM, along with the other 22 million affected personnel, my life-long history, PII, also my family, relatives, and everything I have done officially was in the hands of the Chinese government, aside from the identity and credit worries, the sense of violation is that of being invaded in one’s own sanctuary, the worries of identity being assumed, or approached by any foreign agent is psychologically haunting, it has been a worrisome experience that continues today. Although Uber filed a …show more content…

In addition, sensitive data transfer, withdrawal, and storage must be strongly encrypted. Furthermore, Uber’s decision makers must create a workable and comprehensive security policy that all employees are mandated to adhere to with clearly delineated responsibilities and accountabilities to protect the riders and company data and defense posture. For example: an Uber employee in Boston should not be able to access a rider’s information if the ride is locally to a different geographic location, (Kuchler, H.,2015) and the query of any public figure and celebrity requires supervision and only for those who have official role-base responsibility. Moreover, Uber had agreed to strengthen its security and privacy practice with the State of New York, it must also practice the same standard in other states where it

Get Access