No link between global security breach and Singapore user being fraudulently charged for rides: Uber

Uber Singapore said that the ride-sharing company's global security breach was not related to a recent case where a Singaporean woman was charged more than $1,300 for "phantom rides". PHOTO: EPA-EFE
Adrian Lim
Political Correspondent
Updated
Nov 23, 2017, 07:02 AM
Published
Nov 22, 2017, 09:50 PM

SINGAPORE - Uber said on Wednesday (Nov 22) there is no link between a customer in Singapore being fraudulently charged more than $1,300 for rides recently, and a massive global security breach of its platform last year (2016).

An Uber Singapore spokesman said it has "no reason to believe" the two events are related, because during last year's incident, its corporate systems or infrastructure had not been breached.

"Our outside forensics experts have not seen any indication that trip location history, credit card numbers, bank account numbers, NRIC (number) or dates of birth were downloaded," the spokesman added.

On Tuesday (Nov 21), reports said Uber had covered up a security breach in October 2016, which exposed the personal information of about 57 million accounts on the ride-hailing platform.

The controversy, which involved Uber paying hackers US$100,000 (S$135,000) to keep secret the breach, was first reported on Bloomberg News.

Separately, in Singapore, an Uber customer Jenna Lim posted on Facebook recently that she had been charged more than $1,300, for some 30 transactions over a five-day period, starting from Nov 13. "I believe someone from the US hacked into Uber's security system and attained my bank account info," Ms Lim wrote.

Uber Singapore, however, said the two incidents are not related, and it is working with Ms Lim to refund the charges.

It is also investigating three other cases of customers being charged for "phantom rides", which have been reported in the media.

More On This Topic
Uber concealed cyber attack that exposed data of 57 million users and drivers
Uber data breach: Other cases involving massive hacking

"We would like to assure the public that payment information is encrypted when you enter it into the Uber app," the Uber Singapore spokesman said.

Asked if any Singapore users were affected by the October 2016's global security breach, the spokesman replied: "We are in the process of notifying various regulatory and government authorities and we expect to have ongoing discussions with them.

"Until we complete that process we aren't in a position to get into any more details," the spokesman added.

When contacted, the Personal Data Protection Commission said it is aware of the breach and is in touch with Uber to get more details.

Join ST's WhatsApp Channel and get the latest news and must-reads.

Available for
iPhones and iPads
Available in
Google Play

MCI (P) 066/10/2023. Published by SPH Media Limited, Co. Regn. No. 202120748H. Copyright © 2024 SPH Media Limited. All rights reserved.

Back to the top