Ridesharing giant Uber has agreed to pay a $20,000 fine for the ‘failure to provide timely notice to drivers’ about a data breach that occurred in September, 2014.
New York’s attorney general, Eric T. Schneiderman, has announced a settlement with Uber that will see the San Francisco-based company pay a fine for failing to inform drivers of a data breach in time. Significantly, the announcement also revealed that Uber agreed improve its cybersecurity standards and practices.
Some of the new practices that Uber is required to adhere to as a part of the settlement includes:
- Encryption of rider location details. Uber will now have to encrypt the geo-locations of its riders as a direct measure to put an end to Uber’s infamous ‘God View.’ The mode of ‘God View’ –a term coined internally by its staff – allowed Uber executives to access riders’ locations in an aerial view.
- Adopting multi-factor authentication. This additional security measure will be implemented to authorize employees who access riders’ sensitive personal information.
The press release announcing the settlement and new measures enforced upon Uber to adhere to a better security standard includes a baffling example of ‘inappropriate access’ of rider information. Buzzfeed reporter Johana Bhuiyan alleged that upon arriving at Uber’s New York headquarters in an Uber car, the general manager of Uber’s New York Josh Mohrer said: “There you are. I was tracking you.”
Uber’s God View
The means to tracking riders with such precision in a real-time basis is achieved via ‘God View.’ Basically, ‘God View’ is an internal tracking system that allows Uber’s operations team to have access to a real-time aerial view of movement of cars. A practical reason for wielding ‘God Mode’ was to inform drivers of potential rides in an area of the city with a lack of drivers.
During the course of the investigation, the statement from the Attorney General’s office also noted that Uber eliminated all drivers’ and users’ personal information from the aerial view.
An excerpt from the settlement, which can be found in its entirety here, reads:
Uber has represented that it has removed all personally identifiable information of riders from its system that provides an aerial view of cars active in a city, has limited employee access to personally identifiable information of riders, and has begun auditing employee access to personally identifiable information in general.
The Infamous Uber Breach
In early 2014, an Uber engineer posted an access ID used to access Uber’s third-party cloud storage on Github.com. The posting was public. Predictably, a hacker was able to access the database on the cloud in May, 2014. This database contained tens of thousands of Uber drivers’ personal information including names and driver license numbers.
Hacked previously reported on the hack that Uber is now paying the settlement for, an event that was only revealed by the company in March – months after the breach was discovered in September 2014. The hack may have compromised up to 50,000 Uber drivers, or a “small percentage of current and former Uber driver partners,” a company statement said at the time.
In a statement following the settlement and measures forcing the company to adopt better and safer security measures, Attorney General Schneiderman said:
This settlement protects the personal information of Uber riders from potential abuse by company executives and staff, including real-time locations of riders in an Uber vehicle.
Featured image from Shutterstock.
Ethereum Notches Two-Month High as Bitcoin Offspring Triggers Volatility
Digital currency Ethereum climbed to a two-month high on Monday, taking some of the heat off Bitcoin and Bitcoin Cash, which have slumped since the weekend.
Ethereum Forges Higher Path
Concerns over Bitcoin created a favourable tailwind for Ethereum (ETH/USD), which is the world’s No. 2 digital currency by total assets. Ether’s price topped $340.00 on Monday and later settled at $323.54. That was the highest since June 20.
At its peak, ether was up 10% on the day and 70% for the month of August.
The ETH/USD was last down 2.2% at $315.02, according to Bitfinex. Prices are due for a brisk recovery, based on the daily momentum indicators.
Fractured Bitcoin Community
Bitcoin and its offshoot, Bitcoin Cash, retreated on Monday following a volatile weekend. The BTC/USD slumped at the start of the week and was down more than 3% on Tuesday, with prices falling below $3,900.00. Just last week, Bitcoin was trading at new records near $4,500.00.
Bitcoin Cash, which emerged after the Aug. 1 hard fork, climbed to new records on Saturday, but has been in free-fall ever since. The BTH was down another 20% on Tuesday to $594.49, according to CoinMarketCap. Its total market value has dropped by several billion over the past two days.
Analysts say that a “fractured” Bitcoin community has made Ethereum a more attractive bet this week. The ether token has shown remarkable poise over the past seven days, despite trading well shy of a new record.
Other drivers behind Ethereum’s advance are steady demand from South Korean investors and growing confidence in a smooth upgrade for the the ETH network. The upgrade, which has been dubbed “Metropolis,” is expected in the next several weeks. Its key benefits include tighter transaction privacy and greater efficiency.
Ethereum Prices Unaffected by ICO Heist
Fin-tech developer Enigma was on the receiving end of a cyber-heist on Monday after hackers took over the company’s website, mailing list and instant messaging platforms. The hack occurred three weeks before Enigma’s planned Initial Coin Offering (ICO) for September 11.
In addition to defacing the company’s website, the hackers pushed a special “pre-sale” ahead of the ICO. While many users realized it was a scam, 1,492 ether tokens – valued at $495,000 – were directed into the hackers’ cryptocurrency wallet by unsuspecting backers.
The irony in all this is that Engima is a cryptography company that prides itself on top-notch security protocols. The company issued a statement that its servers had not been compromised.
Ethereum Prices on Track for 35% Monthly Drop
It has been a difficult month for ethereum. The world’s No. 2 digital currency has lost a third of its value over the past 30 days following a series of cyber breaches targeting vulnerable wallets and ICOs.
Ethereum Struggles to Regain Momentum
Ethereum (ETH/USD) was trading near $197.00 Sunday at 6:30 BST, according to Bitfinex. That represents a decline of around 5%. At current values, ethereum’s market cap was $18.4 billion.
The ETH/USD exchange rate has struggled throughout July, with prices briefly falling below $160.00. The decline, which amounted to a 60-day low, lured bargain-hunters back into the market. After surging back toward $250.00, the ETH/USD has consolidated below the $220-mark, which continues to offer strong resistance. On the opposite side of the spectrum, major support is located at $180.00.
A price recovery may prove elusive in the short-term, with the Relative Strength Index (RSI) and Stochastic indicator signalling weak underlying momentum.
Despite its recent decline, ethereum’s value has surged more than 2,200% this year.
Cyber Attacks, SEC Weigh on Market
The ethereum network suffered a large-scale cyber breach earlier this month resulting in the loss of tens of millions of dollars. A community of ethical hackers quickly banded together to “rescue” hundreds of millions of dollars worth of tokens.
Blockchain-based trading platform Coindash was also hijacked during an initial coin offering (ICO). The breach exposed Coindash’s ether wallet address, resulting in the loss of $7 million worth of ether.
The Securities and Exchange Commission (SEC) has also taken an interest in the ethereum-based ICO market. Last week, the regulator concluded that a certain multi-million dollar token sale last year violated securities law. Although ICOs have been compared to crowd-sourcing, the SEC maintained that some tokens were in fact securities.
Analysts say the SEC ruling could impact the future of ICOs, although it remains unclear how the regulator is pursuing this market. The SEC’s July 25 press release cautions investors about ICOs in general.
Coders Safeguard Vulnerable Ethereum Wallets Following Security Breach
Ethereum suffered large-scale security breaches last week after anonymous hackers targeted vulnerable wallets in the network, resulting in the loss of tens of millions of dollars. However, it didn’t take long for a volunteer group of coders to “rescue” the funds in 500 at-risk wallets before the same attackers could get to them too.
White Hat Group Takes Charge
The so-called White Hat Group showed initiative by “rescuing” the funds using the same techniques the thieves employed to compromise $32 million USD worth of ether from three multi-signature wallets. As of Monday, the White Hat Group of ethical hackers was in possession of $86 million worth of ether and an additional $122 million in tokens.
Tokens are digital assets that are sold during an Initial Coin Offering (ICO) fundraising event. They have proven to be extremely popular.
Tens of millions of dollars worth of ether and tokens have already been returned to their owners. The White Hat Group says it will issue full refunds by the end of July.
Blockchain-based trading platform Coindash was also breached last week, resulting in the loss of more than $7 million worth of ether.
Security Breaches Nothing New in Crypto World
For all its benefits, cryptocurrency has been vulnerable to several high-profile security breaches. Last summer, Hong Kong-based Bitfinex was the target of a major attack that resulted in the theft of around $70 million worth of bitcoins. In response, the exchange announced a controversial plans to “socialize” its losses among all users. Each Bitfinex trader was docked 36% as a result.
Bitcoin prices declined sharply following the attack, stopping what had been a blistering summer of gains.
Ethereum Enterprise Alliance
For anyone doubting the potential of the ether, take a look at the list of companies participating in the Enterprise Ethereum Alliance (EEA). The EEA is a forum that connects Fortune 500 companies, startups and academics with ethereum subject matter experts. The EEA is made up of multinational banks and some of the world’s biggest technology companies.
The forum has made cyber security a top priority, according to a May 22 press release. In the release, companies like Infosys, Mitsubishi UFJ Financial Group, Synechron and others expressed their intent to contribute to the future of ethereum’s security.
- Notable Bitcoin Price Growth Events in October October 22, 2017
- Trade Recommendation: Monero October 22, 2017
- Trading 101: 7 Trading Mistakes to Stop Making Right Now October 22, 2017
- 5 Things to Watch Next Week: Earnings Bonanza, Bitcoin in Danger Zone, Trump’s Tax Reform, The Dollar Rally, The US Yield Curve October 22, 2017
- Trade Recommendation: DigiByte October 22, 2017
- ICO Analysis: Spectre October 22, 2017
- We Have to Talk About Bitcoin Again October 21, 2017
- iComply ICO Adds Blockchain Thought Leader “ThePiachu” to Its Management Team October 21, 2017
- Trade Recommendation: Qtum October 21, 2017
- Long-Term Cryptocurrency Analysis: Bitcoin Outshines Altcoins Again October 21, 2017
A part of CCN
Analysis1 week ago
Technical Analysis: Ethereum, Monero, and Litecoin Jump as Bitcoin Goes Parabolic
Analysis1 week ago
5 Things to Watch Next Week: Byzantium, Bitcoin Stretched, Gold’s Strength, The Next Fed Chair, Kirkuk and Crude Oil
ICO1 week ago
ICO Analysis: UTRUST
Cryptocurrencies1 week ago
Trade Recommendation: Stellar
Cryptocurrencies1 week ago
Trade Recommendation: Bitcoin
Regulation1 week ago
China to Issue State-Run Cryptocurrency?
ICO1 week ago
ICO Analysis: Raiden Network
Analysis1 week ago
Long-Term Cryptocurrency Analysis: Bitcoin Leads the Charge as Ethereum Breaks-Out