網(wǎng)絡(luò)出租車服務(wù)公司優(yōu)步(Uber)21日稱�����,該公司2016年曾遭黑客攻擊�����,全球約5700萬優(yōu)步賬戶數(shù)據(jù)被竊取��,除乘客的姓名�、郵箱和電話號(hào)碼之外�����,約60萬名美國優(yōu)步司機(jī)的駕照號(hào)碼也被盜�。該公司向黑客支付了10萬美元(約合人民幣66萬元)封口費(fèi)以隱瞞此次事件�。
Uber Technologies Inc. paid hackers $100,000 to keep secret a massive breach last year that exposed the personal information of about 57 million accounts of the ride-service provider, the company said on Tuesday.
科技公司優(yōu)步21日表示,該公司曾向黑客支付10萬美元(約合人民幣66萬元)�����,以掩蓋發(fā)生在2016年的一起大規(guī)模信息泄露事件�����。此次事件導(dǎo)致優(yōu)步5700萬名用戶的個(gè)人信息外泄。
Discovery of the cover-up resulted in the firing of two employees responsible for its response to the hack, said Dara Khosrowshahi, who replaced co-founder Travis Kalanick as CEO in August.
今年8月接替優(yōu)步聯(lián)合創(chuàng)始人特拉維斯?卡蘭尼克出任該公司首席執(zhí)行官的達(dá)拉?科斯羅薩西稱�,發(fā)現(xiàn)有人隱瞞實(shí)情后,優(yōu)步解雇了兩名涉事員工�。
 |
|
The chief executive of Uber Technologies Inc, Dara Khosrowshahi attends a meeting in Brasilia, Brazil on October 31, 2017. /VCG Photo
|
"None of this should have happened and I will not make excuses for it," Khosrowshahi said in a blog post.
科斯羅薩西在博客中表示:“這些事情不應(yīng)該發(fā)生,我不會(huì)為此找借口����。”
The breach occurred in October 2016 but Khosrowshahi said he had only recently learned of it.
他稱��,這起信息泄露事件發(fā)生在2016年10月��,不過他最近才了解實(shí)情��。
The stolen information included names, email addresses and mobile phone numbers of Uber users around the world and the names and license numbers of 600,000 US drivers, Khosrowshahi said.
科斯羅薩西說�����,被竊取的信息包括全球優(yōu)步用戶的姓名���、郵箱和電話號(hào)碼���,以及60萬美國優(yōu)步司機(jī)的駕照號(hào)�。
Uber passengers need not worry as there was no evidence of fraud, while drivers whose license numbers had been stolen would be offered free identity theft protection and credit monitoring, Uber said.
優(yōu)步表示���,乘客不必?fù)?dān)心�,因?yàn)闆]有證據(jù)表明有人借此詐騙��,不過他們會(huì)向駕照號(hào)被盜的司機(jī)提供免費(fèi)的身份竊取保護(hù)和信用檢測(cè)服務(wù)���。
Bloomberg News first reported the data breach on Tuesday.
彭博新聞社21日率先報(bào)道了這次數(shù)據(jù)泄露事件�����。
Khosrowshahi said Uber had begun notifying regulators. The New York attorney general has opened an investigation, a spokeswoman said. Regulators in Australia and the Philippines said on Wednesday they would look into the matter.
科斯羅薩西稱���,優(yōu)步已經(jīng)在通知監(jiān)管部門。一位女發(fā)言人表示���,紐約總檢察長已對(duì)此事展開調(diào)查�����。澳大利亞及菲律賓的監(jiān)管機(jī)構(gòu)22日稱,他們將調(diào)查此事����。
Uber said it had fired its chief security officer, Joe Sullivan, and a deputy, Craig Clark, this week because of their role in the handling of the incident. Sullivan, formerly the top security official at Facebook Inc and a federal prosecutor, served as both security chief and deputy general counsel for Uber.
優(yōu)步稱��,因?yàn)樵谶@起事件中處置不力���,該公司首席安全官喬伊?沙利文及其副手克雷格?克拉克本周已被解雇。沙利文是優(yōu)步安全主管兼副總顧問����,曾任臉書網(wǎng)首席安全官及聯(lián)邦檢察官。
Kalanick learned of the breach in November 2016, a month after it took place, a source familiar with the matter told Reuters. At the time, the company was negotiating with the US Federal Trade Commission over the handling of consumer data. A board committee had investigated the breach and concluded that neither Kalanick nor Salle Yoo, Uber’s general counsel at the time, were involved in the cover-up, another person familiar with the issue said. The person did not say when the investigation took place.
據(jù)知情人士向路透社透露����,優(yōu)步前首席執(zhí)行官卡蘭尼克在2016年11月,也就是事件發(fā)生一個(gè)月后得知情況����。當(dāng)時(shí),該公司正在與美國聯(lián)邦貿(mào)易委員會(huì)就如何處理消費(fèi)者數(shù)據(jù)進(jìn)行協(xié)商���。據(jù)另一名知情者透露�����,公司董事委員會(huì)對(duì)這起泄露進(jìn)行了調(diào)查�����,結(jié)論是卡蘭尼克及時(shí)任優(yōu)步法律總顧問的薩爾都與隱瞞不報(bào)的行為無關(guān)��。該知情者并沒有說明調(diào)查是何時(shí)進(jìn)行的�。
 |
|
Travis Kalanick speaks to students during an interaction at the Indian Institute of Technology (IIT) campus in Mumbai, India on January 19, 2016. REUTERS
|
Uber said on Tuesday it was obliged to report the theft of the drivers’ license information and had failed to do so.
優(yōu)步21日表示,該公司有義務(wù)將司機(jī)駕照信息被盜的事件上報(bào)�,但卻未能盡到義務(wù)。
Kalanick, through a spokesman, declined to comment. The former CEO remains on the Uber board of directors, and Khosrowshahi has said he consults with him regularly.
卡蘭尼克通過其發(fā)言人表示�,對(duì)此拒絕置評(píng)。他現(xiàn)在仍是優(yōu)步董事會(huì)成員��,而科斯羅薩西曾表示���,自己經(jīng)常會(huì)向卡蘭尼克咨詢��。
Although payments to hackers are rarely publicly discussed, US Federal Bureau of Investigation officials and private security companies have told Reuters that an increasing number of companies are paying criminal hackers to recover stolen data.
雖然向黑客付款的事情很少公開����,但美國聯(lián)邦調(diào)查局官員及私人安保公司告訴路透社�,為了恢復(fù)被盜數(shù)據(jù),越來越多的公司向黑客犯罪分子支付贖金�。
“The economics of being a bad guy on the internet today are incredibly favorable,” said Oren Falkowitz, co-founder of California-based cyber security company Area 1 Security.
加州網(wǎng)絡(luò)安全公司Area 1 Security聯(lián)合創(chuàng)始人奧倫?法爾科維茨表示:“如今��,在互聯(lián)網(wǎng)上作惡非常有利可圖?!?/p>
Uber has a history of failing to protect driver and passenger data. Hackers previously stole information about Uber drivers and the company acknowledged in 2014 that its employees had used a software tool called “God View” to track passengers.
優(yōu)步此前就有過未能保護(hù)好司機(jī)及乘客數(shù)據(jù)的歷史。黑客曾竊取過優(yōu)步司機(jī)的信息���。該公司2014年承認(rèn)���,其員工利用一款名為“上帝視角”的軟件工具追蹤乘客。
Khosrowshahi said on Tuesday he had hired Matt Olsen, former general counsel of the US National Security Agency, to restructure the company’s security teams and processes. The company also hired Mandiant, a cybersecurity firm owned by FireEye Inc, to investigate the breach.
科斯羅薩西21日表示�����,他已經(jīng)聘請(qǐng)了美國國家安全局前法律總顧問馬特?奧爾森�,重新規(guī)劃公司的安全團(tuán)隊(duì)和措施。優(yōu)步還雇傭了火眼公司旗下的網(wǎng)絡(luò)安全公司曼蒂恩特調(diào)查這次信息泄露事件�����。
英文來源:路透社
翻譯&編輯:董靜
審校:yaning
