Uber accidentally exposed the personal information of hundreds of U.S. drivers during the Tuesday release of its “Uber Partner app.”
The app inadvertently gave access to nearly 1,000 personal documents belonging to 674 drivers that contained social security numbers, scans of driver’s licenses, tax forms and other information, The information was exposed for a few hours, according to Vice’s Motherboard.
An Uber spokesperson told SCMagazine.com in a Wednesday email correspondence the “information was only viewable if a driver logged in and specifically went to their documents page” and that the incident was fixed within 30 minutes of the company being notified.
“We’d like to thank the driver who drew it to our attention and apologize to those drivers whose information may have been affected. Their security is incredibly important to Uber and we will follow up with them directly,” the spokesperson said.
Scott Gordon, Chief Operation Officer (COO) of FinalCode told SCMagazine.com in an email Wednesday “securing files containing confidential and regulated data must take a front seat at Uber. “The ease at which sensitive information in documents are externally shared, or in this case mistakenly exposed, should be a wake-up call for all enterprises.”.
The incident comes just days after Uber patched a bug that allowed an attacker to maintain access to a compromised account even after the victim changed their password.