When the October 2016 incident took place, the ride-sharing company was in talks with US regulators investigating claims of privacy violations. The company says it believes it was required to report the hack during those negotiations but didn't.
“None of this should have happened, and I will not make excuses for it,” Khosrowshahi told Bloomberg. “We are changing the way we do business.” The company's chief security officer was asked to resign and "one of his deputies" was fired due to their roles in the incident.
It all took place under the watch of former CEO and current board member Travis Kalanick. He was ousted in June under pressure from investors after a run of scandals that included tracking customers, underpaying drivers, a program to track Lyft drivers, a program to trick law enforcement, and Kalanick yelling at an Uber driver.
Uber has hired Matt Olsen, a former director of the National Counterterrorism Center, as an advisor who will help restructure the company's security teams.
Additionally, the company launched resource pages for riders and drivers. The riders page more or less says Uber doesn't have any evidence the hackers have done anything with the acquired data. Drivers will be notified and are being offered free credit monitoring and identity theft protection services.
Sign up here for our daily Thrillist email, and get your fix of the best in food/drink/fun.