Advice for Uber customers and drivers
The National Cyber Security Centre (NCSC) has issued advice to customers and drivers after a breach was reported to them.
A breach of Uber customers’ and drivers’ records from October 2016 was reported to the NCSC on Tuesday 21 November 2017.
Based on current information, the NCSC have not seen evidence that financial details have been compromised. They are working with the ICO to verify the extent of this breach, including the type and volume of information compromised.
- Do not feel obliged to delete the app. The incident took place over a year ago and we have seen no evidence of additional risk having the app on your phone today.
- Immediately change passwords you used with Uber. Legitimate users can make a compromised password useless by replacing it with a new one the attacker does not know. If you re-used the same password on other accounts, you should change the password on those too.
- Be alert to potential phishing emails. Phishing attacks can come through emails sent by strangers that mimic an established or trusted party to lure compromising information from the recipient. Since Uber’s data includes personal information, such as customers’ phone numbers and driving licence information, these could be used by scammers to make phishing emails more convincing.
- Be vigilant to potential scam phone calls. Be especially vigilant against phone calls you receive. If you do receive a phone call that is suspicious - for example, one that asks you for security information - do not divulge any information and hang up. When you next pick up the phone, make sure there is a dial tone to ensure the caller is not still on the line. Immediately contact the organisation that the caller claimed to be from using a phone number gained from their company website. Do not use any details provided during the previous call – these could be bogus.
- Contact us if you think you have been a victim.
ActionFraud is the UK’s national fraud and cyber crime reporting centre.
We provide a central point of contact for information about fraud and cyber crime.
The easiest way to report fraud and cyber crime is by using our online reporting tool.Report
Latest News from
UK Finance reveals ten Covid-19 scams the public should be on high alert for31/07/2020 10:20:00
UK Finance unveils ten Covid-19 and lockdown scams to be aware of.
PayPal account holders warned about phishing29/07/2020 13:20:00
Action Fraud is warning the public about phishing emails, sent out by criminals, claiming to be from PayPal.
Man Jailed for offering fake tax refunds in COVID-19 scam20/07/2020 14:43:00
Crown Prosecution Service issues warning after man jailed for offering fake refunds during lockdown.
Investment Fraud Alert: Friends & Family Unknowingly Recruiting Victims17/07/2020 13:20:00
Investment fraud alert following reports from people falling victim to Ponzi-style schemes.
Nigerian serial fraudster and British partner lose more than £1million of assets15/07/2020 16:43:00
Follows civil recovery investigation by the National Crime Agency.
UK Finance warns consumers to beware of Coronavirus holiday scams29/06/2020 10:20:00
New warning from UK Finance around Coronavirus holiday scams.
Ticket fraud warning as venues prepare to re-open24/06/2020 13:20:00
Action Fraud are urging people to be wary of fraudsters selling fake or non-existent tickets to events.
Over £16 million lost to online shopping fraud during lockdown, with people aged 18-26 most at risk22/06/2020 13:20:00
Despite retail and non-essential shops re-opening across the UK, many of us continue to shop online.