The update has been posted by the ride-sharing operator on its website, according to ZDnet. The number of affected customers was determined from data extracted from its app or online site and based on codes assigned to specific countries, which might not always correspond with where the user actually lived, it explained.
Furthermore, Uber said it had taken “immediate steps to secure the data” when the breach was uncovered and blocked further unauthorised access. It added that affected customers need not take any action since there was no indication the breach had resulted in any fraudulent transactions.
However, reports emerged in November 2017 showed that some customers in Singapore found charges made to their Uber accounts and credit cards for rides they never took, including transactions made in the UK and US and in foreign currencies, according to ZDnet. The company said then that these were not linked to the global data breach, since details related to credit card numbers or bank account numbers were not believed to have been compromised in the attack.
Singapore authorities had said they were investigating Ubers security incident and would determine if the US company had breached local data protection laws. They also underscored the need for Uber to be transparent and to cooperate with local authorities, the online publication concluded.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now