CASE STUDY #1: Uber Announces New Data Breach Affecting 57 Million Riders and Drivers

 

Ridesharing company Uber Technologies, Inc. has disclosed that hackers have stolen the personal information of about 57 million customers and drivers, according to a report by Bloomberg News. The news outlet also reported that Uber discovered the data breach in late 2016 and then waited to disclose the news almost a year later.

 

What was stolen?

 

Chief Executive Officer Dara Khosrowshahi states in a press release on Uber’s website that the stolen

 

information included the following:

 

• The names and driver’s license numbers of around 600,000 drivers in the United States were stolen.

 

It is important to note that the driver’s license numbers affect the drivers working for Uber and not

 

their ridesharing customers.

 

• Aside from the driver’s license numbers, other personal information of all 57 million Uber riders and drivers around the world was compromised: names, e-mail addresses, and mobile phone numbers.

 

• According to the company’s statement: “Our outside forensics experts have not seen any indication

 

that trip location history, credit card numbers, bank account numbers, Social Security numbers or

 

dates of birth were downloaded.”

 

Uber rider or driver?

 

For Uber riders, the company says it doesn’t believe affected individuals need to take action. “We have seen no evidence of fraud or misuse tied to the incident,” its statement to riders said. “We are monitoring the Affected accounts and have flagged them for additional fraud protection.”Uber has stated that it’s notifying affected drivers whose driver’s license numbers were accessed and areproviding them with free credit monitoring and identity theft protection service. The company is providing additional information for its drivers on its website.

 

How did the Uber breach happen?

 

Uber said two (2) people who didn’t work for the company accessed the data on a third-party cloud-based service that Uber uses. The company also said that outside forensics experts had not seen evidence that the hackers accessed other types of information.

 

Study Questions:

 

A. What is the write-up all about? What technology-related issue/s is/are apparent?

 

B. What possible impacts or problems may arise in conjunction with the data breach?

 

C. How can Uber Technologies, Inc. and other similar businesses prevent such from happening again? What measures can you recommend?

 

D. Considering this scenario, would you consider technological developments as advantageous? Why or why not? Justify your responses.

 

 

Transcribed Image Text:

E-Commerce Issues Ethics is at the center of social and political discussions about the Internet. Ethics is the study of principles that individuals and organizations can use to determine right and wrong courses of action. It is assumed in ethics that individuals are free moral agents who are in a position to make choices. Extending ethics from individuals to business firms and even entire societies can be difficult but not impossible. E-commerce and the Internet have raised so many ethical, social, and political issues that can be categorized into four (4) major dimensions: privacy and information rights, intellectual property rights, governance, and public safety and welfare. Privacy Issues – Privacy is possibly the most complex ethical issue raised by e-commerce, as well as the changing technology of human communications brought about by the Internet and mobile devices. The claim to privacy rests on the moral right of individuals to be left alone, free from surveillance or interference from other individuals or organizations, including the government. E-commerce sites routinely collect a variety of information from or about consumers' visits and purchases. Some of these data constitute personally identifiable information (PII), or any data that can be used to identify, locate, or contact an individual. Advertising networks and search engines also track the behavior of consumers across thousands of popular sites via cookies (small files that are stored on a user's computer to hold a modest amount of data specific to a particular client and website), web beacon (often- transparent graphic image, usually no larger than 1 pixel x 1 pixel, that is placed on a website or in an e- mail to monitor the behavior of the user visiting the Web site or sending the e-mail), spyware (any software that covertly gathers user information through the user's Internet connection without their knowledge, usually for advertising), and other techniques. These activities are just a few of the issues linked to privacy over the conduct of e-commerce. Intellectual Property Rights – Next to privacy, the most controversial issue related to e-commerce is the fate of intellectual property rights. Intellectual property encompasses all the tangible and intangible products of the human mind. Intellectual property protection in the Philippines is contained in Republic Act No. 8293, otherwise known as the Intellectual Property (IP) Code of the Philippines. The term "intellectual property rights" in the Code consists of copyright and related rights, trademarks and service 03 Handout 1 *Pr TH2106 marks, geographic indications, industrial designs, patents, layout designs of integrated circuits, and protection of undisclosed information. Generally, the creator of the intellectual property owns it and has the exclusive right to use it in any lawful way they see fit. The Internet, however, changes things. Once intellectual works become digital, it becomes difficult to control access, use, distribution, and copying. The Internet technically permits millions of people to make perfect digital copies of various works, from music to plays, poems, and journal articles, and then distribute them nearly cost-free to hundreds of millions of online users. It has demonstrated the potential to disrupt the traditional conceptions and implementations of intellectual property law. The major ethical issue relating to e-commerce in this regard is how individuals and business professionals should treat property that belongs to others. Governance – Governance, as it relates to e-commerce, has something to do with social control: who will control the Internet, what elements will be controlled, and how the controls will be implemented. Control issues revolve around the Internet that could not be controlled, given its decentralized design and its ability to cross borders that made monitoring and controlling message content impossible. This implies that the content and behavior of e-commerce sites cannot be "controlled" in the same way. Another issue is taxation. Governments collect sales taxes based on the type and value of goods sold. The money is used for general government purposes and building infrastructures. However, the development of the "remote sales," such as mail order/telephone order (MOTO) or online purchasing, broke the relationship between physical presence and commerce, complicating the plans of the government to tax all retail commerce. Public Safety and Welfare – Critical issues in e-commerce center around the protection of children, strong sentiments against pornography in any public media, efforts to control gambling, and the protection of public health through restricting the sales of drugs and cigarettes online.

Transcribed Image Text:

Technological Building Blocks of E-Commerce The technological building blocks behind e-commerce are the following (Laudon & Traver, 2017): Internet – It is a worldwide network of computer networks built on common standards. It links businesses, educational institutions, government agencies, and individuals together, and provides users with services such as e-mail, document transfer, shopping, research, instant messaging, music, videos, and news. World Wide Web – It is an information system that runs on the Internet infrastructure. It was the original "killer app" that made the Internet commercially interesting and extraordinarily popular. It provides access to billions of Web pages indexed by Google and other search engines. Before the Web, the Internet was used mainly for text communications, file transfers, and remote computing. The Web introduced more powerful and commercially interesting capabilities with direct relevance to commerce. It added color, voice, and video to the Internet, creating a communications infrastructure and information storage system. Mobile platform – It provides the ability to access the Internet from a variety of mobile devices such as smartphones, tablets, and other ultra-lightweight laptop computers via wireless networks or cell phone service. An app (short for application) is a software application, which is typically used when referring to mobile applications, although it is sometimes used to refer to desktop computer applications as well. A mobile browser is a version of Web browser software accessed via a mobile device.