As cash succumbs to the convenience of credit and online shopping, personal information on everything from your finances to your favorite restaurants fly across the internet. As a business owner, you likely do your best to make sure that your customers’ data is under lock and key. Sometimes, however, someone can take advantage of a tiny crack in the system.
Following in the footsteps of the major Equifax leak, Uber has recently admitted to a gigantic data hack of 57 million people during 2016. Like Equifax, Uber failed to announce the danger to its users until long after the fact.
The hackers held this personal data hostage for a ransom of $100,000. They promised to destroy copies of the information once they received payment. Uber quietly paid the sum and expected the hackers to hold up their end of the bargain.
By waiting to report the invasion, Uber exposed millions of people to financial tragedy. If customers had known they were at risk, they could have taken steps to protect themselves such as changing credit card numbers and watching for suspicious activity. Government agencies could have worked with Uber to erase any traces of the stolen data when it first happened.
Hidden security breaches are not simply a matter of reputation, but also a matter of the law. The Federal Trade Commission and other top-level government entities are now inspecting Uber for other irresponsible security practices. During an investigation, business owners often want to show that they protected data to the best of their ability to avoid added penalties.
Unfortunately, these kinds of mass cyber attacks are all too common. Many small businesses simply don’t have the resources to outsmart malicious thieves.
If you discover that someone has stolen data that customers entrusted to you, report it immediately to avoid additional legal issues. Business owners should also contact a skilled attorney familiar with the detailed technicalities of cybercrime.