Uber hack: 2.7m UK riders and drivers affected by huge data breach - more than half of all users

Lynsey Barber
Follow Lynsey
Uber Drivers Present Petition To Transport For London
Uber faces scrutiny from UK authorities over the hack (Source: Getty)

Uber has revealed that 2.7m riders and drivers in the UK have been affected by a massive hack of data - more than half of its users in the country.

It's the first time any figure has been given for the UK specifically since the hack, in which information such as email addresses, names, and phone numbers were compromised. The incident took place last year but was only revealed last week.

Uber has just over 5m users in the UK, 3.5m of them in London alone, and 50,000 drivers. It estimates that 57m have been affected by the hack worldwide.

Read more: Uber has been behaving like a tech teenager – it's time to grow up

The UK authorities sprang into action after news of the breach, with the National Cyber Security Centre (NCSC), National Crime Agency (NCA) and the Information Commissioner's Office (ICO) all launching investigations. They also warned that those in the UK affected should have been notified.

Uber noted that the figure is an approximation rather than an "accurate or definitive" one as the country codes assigned via the Uber app and website may not be the same as the country where a user lives.

The NCSC said in a statement: “We assess that the stolen information does not pose a direct threat to people or allow direct financial crime. Indications are that the breach involved user names, email addresses and mobile phone numbers."

Mayor of London Sadiq Khan slammed the ride-hailing startup, which has already run into trouble with authorities in the capital over its license to operate.

Read more: Everything you need to know about the Uber hack

“This latest shocking development about Uber will alarm millions of Londoners whose personal data could have been stolen by criminals," he said.

"Uber need to urgently confirm which of their customers are affected, what is being done to ensure these customers don't suffer adversely, and what action is being taken to prevent this happening again in the future. The public will want to know how there could be this catastrophic breach of personal data security.”

The company has said that riders don't need to take any action but it encourages users to keep an eye on accounts on a regular basis. "We have seen no evidence of fraud or misuse tied to the incident," Uber said. "We are monitoring the affected accounts and have flagged them for additional fraud protection."

Related articles