October 2016 witnessed a big security breach happen to the ride-hailing firm Uber when two hackers stole information from the accounts of 57 million drivers and customers and then contacted Uber and requested $100,000 to destroy the copy of the stolen data. Uber paid that amount but didn’t announce the breach for more than a year.

 

The hackers managed to gain access to an Amazon web server that is owned by Uber, using credentials that an Uber engineer mistakenly left on GitHub.

 

This incident forced Joe Sullivan - Uber’s top security executive – to be fired because he obstructed justice for failing to disclose that breach to regulators. In November 2017, Uber’s CEO - Dara Khosrowshahi- disclosed the cyberattack that Uber suffered in October 2016. Khosrowshahi said, "none of this should have happened, and I will not make excuses for it. While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes".