Thursday 30 Nov 2017 @ 13:25
National Cyber Security Centre
Printable version

Update: Uber Data Breach

An update to the official statement from the National Cyber Security Centre on the Uber data breach.

A spokesperson for the NCSC said:

“Uber have said that the October 2016 data breach affected approximately 2.7 million user accounts in the UK.

“We assess that the stolen information does not pose a direct threat to people or allow direct financial crime. Indications are that the breach involved user names, email addresses and mobile phone numbers.

“People who are concerned should continue to be vigilant and follow the advice on the National Cyber Security Centre website.”

Further information

  • Companies should always report any cyber attacks to the NCSC immediately. The more information a company shares in a timely manner, the better able we are to support them and prevent others falling victim.
  • If a member of the public thinks they have been a victim of cyber crime or cyber-enabled fraud, they should contact Action Fraud.
  • If you have been told that your personal details, such as your password, may have been accessed, you should ensure those details are not used on any other accounts. Victims of cyber crime should be vigilant against suspicious phone calls or targeted emails. Further advice can be found here.

NCSC advice on phone calls

  • If you do receive a phone call that is suspicious - for example, one that asks you for security information - do not divulge any information, and hang up.
  • Pick up the phone and make sure there is a dial tone to ensure the caller is not still on the line.
  • Contact the organisation that the caller claimed to be from – never using the details they provided during the call.

NCSC advice on targeted emails

  • Fraudsters can use the data they’ve acquired to make their phishing messages look much more credible, including using real names and statements such as: 'To show this is not a phishing email, we have included the month of your birth and the last 3 digits of your phone number'.
  • These phishing messages may not relate to the organisation that has been breached, and may use more well-known brands. The NCSC has guidance on protecting yourself from phishing.
  • Usually, if you are the target of a phishing message, your real name will not be used. However, if fraudsters do have your name, people will need to be extra vigilant around any message that purports to be from an organisation they deal with - especially when there are attachments or links which take people to sites asking for more personal information.

 

Channel website: https://www.ncsc.gov.uk/

Original article link: https://www.ncsc.gov.uk/news/update-uber-data-breach

Share this article

Latest News from
National Cyber Security Centre

Cyber chiefs unveil new roadmap for post-quantum cryptography migration

20/03/2025 15:25:00

New guidance from the NCSC outlines a three-phase timeline for organisations to transition to quantum-resistant encryption methods by 2035.

Young people urged to ‘Think Fraud’ over rent offers

03/03/2025 14:17:00

New data shows 18 to 39 year olds account for almost 3 quarters of rental fraud reports as phase 2 of nationwide ‘Stop! Think Fraud’ campaign launches.

Cyber agencies unveil new guidelines to secure edge devices from increasing threat

05/02/2025 16:15:00

New guidelines encourage device manufacturers to include and enable standard logging and forensic features that are robust and secure by default.

New proposals to counter ransomware: Have your say

15/01/2025 15:10:00

Help shape the proposals aimed at striking a significant blow to the ransomware criminal business model in the UK.

UK girls triumph in national cyber skills contest

05/12/2024 10:10:00

Teams of girls from schools across the UK have been crowned cyber security champions

Risk facing UK "widely underestimated", cyber chief to warn in first major speech

03/12/2024 18:14:10

Richard Horne described the cyber risks facing the nation as “widely underestimated” and call for collective action against an increasingly complex array of threats.

UK and allies warn about shift in cyber attackers exploiting zero-day vulnerabilities

14/11/2024 11:05:00

NCSC and international partners share top 15 vulnerabilities that were routinely exploited by cyber attackers last year.

The 4th Republic of Korea-UK Cyber Dialogue held in London

08/11/2024 15:18:00

The 4th Republic of Korea (ROK)-United Kingdom (UK) Cyber Dialogue was held in London on 6 November 2024.

Cyber Essentials scheme marks a decade of boosting businesses’ cyber defences

28/10/2024 16:05:00

Following the 10 successful years of the Cyber Essentials scheme, more businesses urged to strengthen cyber security protections