The Office of the Privacy Commissioner of Canada (OPC) has yet to launch a formal investigation into the Uber cyberattack that affected 57 million U.S. customers, but has “reached out to the company to request more information.”
A spokesperson for the OPC told MobileSyrup that Uber has also yet to confirm precisely how many Canadian customers were affected by the hack that took place in October 2016, but that wasn’t disclosed until November 21, 2017.
“We have asked Uber to provide us with a written breach report, in which we would expect them to provide details about how the breach happened and about the impact on Canadians,” said an OPC spokesperson, in an email to MobileSyrup. “
The OPC is also “reaching out to our international counterparts to discuss the matter.”
The OPC further recommended that Canadian Uber customers be vigilant in monitoring their email inboxes for any malicious actors attempting to take advantage of misinformation circulating about the Uber attack.
“It’s always a good idea to be very cautious if someone you don’t know sends you an email or calls you asking you to provide personal information,” said an OPC spokesperson.
Bloomberg broke the story that Uber had not only failed to inform customers about the October 2016 cyberattack, but that the company had subsequently given into the hackers’ demands by paying $100,000 USD.
Uber CEO Dara Khosrowshahi released a statement yesterday explaining that the company had hired Matt Olsen — a former general counsel of the National Security Agency and director of the National Counterterorrism Center, to “structure our security teams and processes going forward.”