Uber “Covered Up” 2016 Hacking Attack That Compromised 57 Million Users

06/12/2017

San Francisco, USA - May 12, 2016: Uber headquarters entrance in San Francisco with sign on the right. A woman is leaving the building through the front door. Reflections of Market street in the window.

Uber has ousted its chief security officer after it was revealed that the company “covered up” a massive cyberattack that compromised the personal information of more than 57 million users.

Chief security officer Joe Sullivan and deputy Craig Clark both resigned recently in response to the attack, which was disclosed earlier today by Bloomberg News reporter Eric Newcomer. The cyberattack is believed to have affected more than 50 million users and seven million drivers.

Uber CEO Dara Khosrowshahi, who replaced founder Travis Kalanick as CEO earlier this year, stated that “none of this should have happened,” referencing the attempt by Uber to hide the full effects of the hack. He also stated that Uber “will not make excuses” for the decision.

According to reports, former CEO Travis Kalanick was informed of the hack late last year. Uber did not disclose any information about the cyberattack to its drivers or users, potentially creating privacy issues for its customer base.

The hacked data included the names, phone numbers and email addresses of approximately 50 million Uber customers. Around seven million drivers were affected, with driver’s license data for approximately 600,000 people compromised.

The hackers reportedly targeted Uber’s Amazon cloud account, “breaking in” to the company’s online records. Uber paid out $100,000 to the hackers to ensure the security break-in wouldn’t become public and prevent the data from being shared with others.

Sullivan, who has attracted much of the public attention for the “coverup” of the hack, joined Uber in 2015. He previously worked for Facebook as an online security specialist, as well as auction platform Ebay.

Uber representatives have publicly stated that the hack did not affect sensitive user data, such as credit card numbers, location information or bank account data. The hackers also failed to access private personal information such as social security numbers or birth dates.

Uber’s failure to disclose the hack could potentially have legal repercussions for the company. In California, where Uber is based, companies are required by law to report any data breach that affects more than 500 residents of the state.

Downplaying the impact of the hack, Khosrowshahi stated that Uber “obtained assurances that the downloaded data had been destroyed” by the hackers, and that the company has since taken steps to improve its digital security.

Uber will also offer free identity theft protection and credit monitoring services to its drivers to limit the effects of the cyberattack. The company’s statement on the hack and its outcome can be read here.

The 2016 hack could be the latest legal issue in a long list of problems for Uber, which has been plagued by sexual harassment claims over the past year. The New York state attorney general’s office has reportedly opened an investigation into the company’s slow response to the hack.

Other companies have been fined hundreds of millions of dollars for similar data breaches that affected large numbers of users. A 2015 security breach at Anthem Inc cost the company over $115 millions in fines and settlements.

Concordia Healthcare “Overcharged NHS by 6000%”

Elliot Preece

06/12/2017

nurses in the hospital corridor — a group of four young trainee nurses including male and female nurses , walk away from camera down a hospital corridor . They are wearing uk nurse uniforms of trousers and tunics.

A Canadian pharmaceutical company has been accused of deliberately overcharging the NHS more than £100 million over the past 10 years.

Concordia Healthcare, which was founded in 2012 and owns numerous pharmaceutical brands, allegedly hiked the price of liothyronine, a medicine used to treat thyroid disorders, by more than 6,000% over the past decade.

Although the company was founded just five years ago, Concordia has pursued a “growth via acquisition” strategy and operates a number of pharmaceutical brands. The company allegedly began its overpricing strategy in 2007.

According to the Competition and Markets Authority, Concordia began increasing the price of its thyroid medication in 2007. Over the last decade, the cost of a single packet of liothyronine paid by the NHS has increased from £4.46 to a staggering £258.19.

This price increase occurred despite the manufacturing costs of liothyronine remaining stable, according to a statement from the CMA.

Liothyronine is an essential medicine for treating a variety of thyroid conditions. People with an underactive thyroid — medically referred to as hypothyroidism — often use liothyronine to treat a deficiency of natural thyroid hormone production.

Hypothyroidism affects an estimated two people in every 100 and results in a variety of major symptoms, ranging from fatigue and lethargy to weight gain. Liothyronine is considered one of the only treatments for hypothyroidism for patients that fail to respond to levothyroxine.

According to the CMA, Concordia Healthcare could be fined as much as 10% of its worldwide annual revenue in response to the overpricing scandal.

In a statement, CMA chief executive Andrea Coscelli stated that drug companies that “abuse their position and overcharge for drugs” force UK taxpayers to overpay for medical treatments and care.

Coscelli also stated that the CMA’s findings are “provisional” and that the company hasn’t yet been found to have violated competition law.

Concordia is not the only pharmaceutical company to face public and regulatory scrutiny for its pricing strategy. American drug giant Pfizer was recently forced to pay a record £84.2 million in fines after it was found to have overcharged the NHS for a vital anti-epilepsy medication.

The medication in question, which contains phenytoin sodium, is used by approximately 48,000 people in the UK to treat epileptic seizures. Pfizer reportedly increased the price of the drug by 2,600% overnight, resulting in significant unexpected costs for UK taxpayers.

According to the CMA, Pfizer’s decision took advantage of a practice by the NHS that prevents patients from being switched to alternative medication brands. As a result of the price increase, the NHS spent more than £50 million on the drug in 2013, compared to £2 million in 2012.

Pfizer was also found to have overcharged UK health services specifically, offering an identical drug for a significantly lower price to healthcare providers in other European countries.

The decision to find Pfizer is currently under appeal. Currently, the CMA has publicly stated that it will consider representatives from Concordia before moving forward with a legal decision over the company’s pricing tactics.