BY LORENZO FRANCESCHI-BICCHIERAI
In the last year only, Uber admitted suffering a data breach potentially affecting 50,000 drivers, accidentally left a lost and found database public, saw multiple cases of users getting their accounts taken over and charged with fraudulent rides,involuntarily exposed the personal info of hundreds of drivers, and didn’t realize there was a bug allowing hackers to keep control of hacked accounts.
In other words, it hasn’t been a great year for Uber in terms of security.
But the company seems to be committed to do everything it can to fix that, including getting the star actor from the hugely popular hacking show Mr. Robot to speak at its headquarters, as well as a company-wide security game.
Rami Malek, who plays hacker Elliot Alderson in the show, spoke at a panel at Uber on October 13.
The actor answered employees questions on “his experience of playing a hacker, the future of security, and what we can all do to be more secure,” Joe Sullivan, Uber’s chief security officer, said in a statement sent to Motherboard.
Malek was on a panel with Uber's Chief Information Security Officer John "Four" Flynn and Charlie Miller, who works at Uber’s Advanced Technologies Center and is one of the two researchers who famously hacked a Jeep from afar while Wired’s Andy Greenberg was driving it.
Miller apparently joked with Malek, telling him “damn, I thought we got Christian Slater."
“I thought we got Snowden," Malek replied.
The panel with Malek was just one of several initiatives that Uber has been doing as part of the National Cyber Security Awareness Month, a nationwide drive to educate people about security online.
Uber is also doing a company-wide competition called “Uber’s Game of Security,” which has the goal of raising awareness among employees, teaching them how to stay safe online, as well as how to protect Uber’s users.
The competition includes activities such as phishing tests, detecting common indicators of suspicious activity, and even finding bugs, according to a person with knowledge of the initiative.
As part of this push, Uber is having a panel next week on privacy and hacking with Nico Sell, a longtime organizer of the hacking conference DEF CON, and a founder of the privacy messaging app Wickr.
Hopefuly, all these initiatives will lead to better security for Uber users, such as two-factor authentication, which the company has been working on for a while. And, perhaps, 2016 will be a better year, with fewer Uber security mishaps.