Staggering Claim Against Local Councillor by  'Gig Economist Expert' Sam Dumitriu (?)
A staggering claim reported by la 'Gig Economist Expert'  has been made against a local councillor following the decision by Brighton & Hove City Council not to renew the Uber Operator Licence on April 23 based on the 2016 Uber Breech of Data that was not revealed until one year later. Sam Dumitriu... head of research at the Adam Smith Institute stated.

“That is staggering, that she would make that confusion, that such a mistake would be made by someone with the power to regulate the service".
This follows the BBC South East Today report on Uber account holders having their accounts hijacked by phishing emails
The Argus - May 3 2018 - Reporter: Joel Adams

"ONE of the three councillors who ruled Uber should not be allowed to operate in Brighton and Hove has been accused of “staggering confusion” by an industry expert.

Meanwhile a petition to save Uber in the city has already been launched.
In 2016 Uber was hacked by American cyber criminals and names, email addresses and phone numbers of account holders were stolen, although never released in public.

Green Councillor Lizzie Deane, explaining the unanimous decision of the city council licensing panel on Tuesday, said: “The panel had a number of concerns, mainly relating to passenger safety and security.

“In particular, we heard of a major breach where over 57 million Uber users had their personal data compromised.

“Sadly, our fears that this may happen again have been realised, with news this week revealing that tens of thousands of Uber usernames, passwords and bank details have been hacked from UK accounts and sold on the ‘dark web’, enabling unauthorised users to make fraudulent journeys charged to other people’s accounts.”

She was referring to a BBC South East story last week, which showed Uber accounts were available to buy online, with criminals then able to charge their journeys to other people’s accounts.
But the security weakness which created that criminal opportunity was not within Uber’s systems.

The “hacked accounts” being sold online were accessible by two main means.

An Uber user could have clicked on a “phishing” email sent by a cyber criminal and unwittingly sent their log-in details to a fraudster.

They could also have use the same password for many accounts and log-in data from another website was compromised.

When that happens, criminals find out what other accounts and services they can get into with the leaked usernames and passwords -including Uber.

Sam Dumitriu, from Brighton, is head of research at the Adam Smith Institute. His research specialism is the gig economy.

He said: “That is staggering, that she would make that confusion, that such a mistake would be made by someone with the power to regulate the service.

“What that shows is that local councils shouldn’t be enforcing data regulations.

“It’s clearly an area of policy where we need a high level of expertise.”

An Uber spokesman said: “We remind our users to always use unique passwords for different online accounts. When people use the same password on more than one site and one of those accounts is compromised, anywhere else with the same log-in details can also be accessed.

“It is not possible for anybody who logs into an Uber account to access credit card details and we have made significant changes to reduce the ability for criminals to take trips on compromised accounts. We are always enhancing the ways we protect our users, and will refund trips a customer didn’t book or take.”

Cllr Deane said: “One of the biggest concerns the licensing panel had was data security. This was after councillors heard the detail of a breach that last year saw 57 million drivers and users of Uber have their personal information exposed. I stand by these concerns. A week after the original panel hearing ended, a BBC South East investigation into fraudulent Uber rides stated that ‘the app is easily hacked.’ Anyone would find that alarming.”

A petition to save Uber in the city has already received more than 150 signatures in under 24 hours."
So we will skip the first question as to what exactly is a 'Gig Economist' because a Google search won't find anything... but what is quite 'Staggering' is that it was quite obvious to all that the BBC South East Today report was on 'Phishing'  - "The fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers"

However.. what Sam Dumitriu has conveniently omitted to mention is how such phishing emails were sent to Uber account customers in the first place?

Well...Uber had a massive Breach  of Data in 2017 but did not reveal this until one year later after paying off the hackers a reported $100,000 so this appears to be quite a clue.

Additionally we recommend that the Uber Twitter account should be looked at to see the many complaints made of Uber account holders being charged for journeys that have not been taken by the account holder
"Technology - BBC News November 22 2017

Uber concealed huge data breach

Uber concealed a hack that affected 57 million customers and drivers, the company has confirmed.

The 2016 breach was hidden by the ride-sharing firm which paid hackers $100,000 (£75,000) to delete the data.

The company's former chief executive Travis Kalanick knew about the breach over a year ago, according to Bloomberg, which first broke the news.

The hackers found 57 million names, email addresses and mobile phone numbers, Uber said. Within that number, 600,000 drivers had their names and licence details exposed. A resource page for those affected has been set up.

Drivers have been offered free credit monitoring protection, but according to Uber's statement, affected customers will not be given the same.

'None of this should have happened'

"While we have not seen evidence of fraud or misuse tied to the incident, we are monitoring the affected accounts and have flagged them for additional fraud protection," Uber's chief executive Dara Khosrowshahi said.

"None of this should have happened, and I will not make excuses for it," he added.

"While I can't erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes."

In the wake of the news, Uber's chief security officer Joe Sullivan has left the company."
So we put it to Sam Dumitriu the 'Gig Economist' that when making such 'Staggering' claims against a local Councillor that you look at the whole picture and consider all the facts available and that if could well be the case that with the massive Uber Breach of Data in 2017 that Uber did not reveal until one year later.. and only because there was a new CEO.. that these phishing emails would not have occured in the first place.

One extremely important point to note that one of the only two supporters of Uber present  at the Licensing Panel Hearing on Monday April 23 2018 was not even aware of the Uber Breach of Data and this is because even to date Uber has not issued any warning emails to all of its 57 million account holders that it has occured.

Sam... we think you owe the councillor an apology.

As a side note Uber does not even hold a UK Data Controller Licence.....

Sam Dumitriu is Head of the 'Adams Institute' that "....favours drug legalisation....."

Adam Smith Institute Policy

Andrew Peters
GMB Brighton & Hove Taxi Section
All copyright material acknowledged
Join our Facebook Trade Group
(Conditions apply)