Uber’s In Trouble For Not Following The Rules
Alvarez discussed an Uber data breach that occurred in 2016. He said that the breach exposed the personal information of about 57 million Uber customers to hackers. After that, Uber paid hackers $100,000 to sign a nondisclosure agreement (NDA). Uber was trying to hide the incident but had to disclose it in 2017. The federal government fined them millions of dollars for not following the required procedure.
Joe Sullivan, former head of security for Uber, is in trouble for breaking the law and paying the ransom. Federal and state laws dictate what a company must do when end-user information is disclosed or compromised. If a company does not follow the rules, they get into trouble.
While carrying out the Uber data breach, hackers did what hackers typically do: They penetrated Uber and watched the activity and data flow without being discovered for months. By then, they had obtained the data of millions of Uber customers, including credit card information, names, addresses, and Uber ride history.
More and more law enforcement agencies at the federal and state levels are taking data breaches seriously. Numerous lawsuits have alleged that people’s personal information had been disclosed through either hacking or marketing. If someone has a business with more than 50 employees, they need to be aware of this because the laws impact their business.
A user can opt-in or out of cookies on websites, and if a user accepts the terms, the company can use display ads and so on. The CCPA was designed to make things better but also created legal loopholes that companies can use.
Alvarez also discussed a topic that is affecting rideshare companies such as Uber and Lyft. AB5 was designed to force gig economy companies to treat workers as employees instead of contractors. Uber and Lyft had said they were leaving California because of AB5, but a judge stayed the decision temporarily. So at least for the moment, Uber and Lyft would continue to operate in California.
Cybersecurity During Disasters
Cybersecurity is relevant during disasters such as the wildfires that California has been experiencing. Alvarez advised people to take their technology equipment with them when they evacuate if it is possible to take that equipment. Laptops, external hard drives, and even printers are quite portable, but desktop computers are less that way.
Alvarez said that if a person has a desktop computer, that person should take the computer if possible. Even if the computer endures fire, the hard drive should be able to survive that. Another possibility is to remove the hard drive and take that when evacuating.
During the engaging and fast-paced interview, Alvarez brought listeners up to date on several relevant and timely technology topics that affect many people and companies.