Rideshare company Uber has been forced to apologise after accidentally exposing personal information of hundreds of its drivers in the United States during the this week's release of its “Uber Partner app.”
The app inadvertently gave access to nearly 1000 personal documents belonging to 674 drivers that contained social security numbers, scans of driver's licenses, tax forms and other information.
Uber drivers took to public forums to warn each other of the data leak, which left their details open to the world for several hours.
An Uber spokesperson said the “information was only viewable if a driver logged in and specifically went to their documents page”.
The spokesperson claimed the incident was fixed within 30 minutes of the company being notified.
“We'd like to thank the driver who drew it to our attention and apologise to those drivers whose information may have been affected. Their security is incredibly important to Uber and we will follow up with them directly," the spokesperson said.
Scott Gordon, chief operating officer of security startup FinalCode said "securing files containing confidential and regulated data must take a front seat at Uber".
"The ease at which sensitive information in documents are externally shared, or in this case mistakenly exposed, should be a wake-up call for all enterprises," Gordon said.
Uber's recent privacy gaffe comes just days after the company patched a vulnerability reported to it by Vice Motherboard that allowed an attacker to maintain access to a compromised account even after the victim changed their password.