- Uber users taking to Twitter to report their accounts have been breached
- Fraudsters book journeys on Uber users accounts
- Users have vented frustration that there is no number to call when their accounts have been breached
Anthea Turner was the latest to have her account compromised, leaving her with a bill for journeys she did not book or take.
The TV presenter tweeted to Uber ‘account has been hacked nothing to help me on website – this is ridiculous’.
Uber is a mobile app that connects minicab ride requests with drivers. Users can input their credit card details on the app so that they do not have to have cash with them to pay.
But the Uber support Twitter account is awash with users complaining that they have had cash taken from their accounts for journeys that they did not book or make. Some users have reportedly had hundreds or even thousands of pounds taken from their accounts.
Uber still denies that it has been breached – but has promised to reimburse all customers who have been charged for journeys that they did not book or take.
Elaine Johnson tweeted: ‘Help – my account has been hacked and I don’t know who to contact to report this to? Someone’s spending my cash.’
Gemma Hole said: ‘My account has been hacked, I’ve apparently just ordered 13 cabs to Clapton and counting and I’m getting charged.’
The complaints on Twitter are coming from users across the globe including the States and France.
Record producer Mick Crossley told The Standard he had been hit with a bill for £3,000 for 142 journeys. He said he did not receive notification that the journeys had been booked because someone had changed his contact email address on his account as well.
Just last night Twitter user Jade Samantha posted a screenshot of Uber journeys taken on her account totalling close to £100, which she claimed she never took. Some Twitter users are responding to account hacking postings with the hashtag #ubered.
Amanda O’Shaughnessy told This is Money she found out that someone was using her account when she started to receive invoices for journeys she had not made. ‘I’ve lost complete trust in the service and it’s for these reasons that I won’t use them again, despite the convenience,’ she said.
Some customers have also vented their fury at their inability to get hold of someone at Uber to report the situation to.
Worried: Anthea Turner reached out to Uber support on Twitter after she was charged for journeys she did not make
The website does not contain a telephone number, only an email function for enquiries.
Anthea Turner was one user who appears to have struggled to get through to the minicab sharing company.
She tweeted that she couldn’t even change her account details because her login details had been changed by someone. Then after appearing to have tried to get a phone number for them, tweeted Uber saying ‘your email is saying not valid and the number from 118 500 is not ringing through. Do you exist?’
A spokesperson for Uber categorically denied that there had been a breach at Uber, confirming to This is Money that they were 100 per cent sure that their system had not been compromised.
Charged: Users have taken to Twitter to share concerns about their accounts being hacked
‘We take any issue of this nature very seriously and after investigating have found no evidence of a breach at Uber,’ an Uber spokesperson said. ‘Attempting to fraudulently access and use Uber accounts is illegal and we notify the authorities about such activity.’
However they admitted that there have been a number of users reporting that their accounts had been used by other people to book journeys.
They said they were still investigating the cause, but that the most likely explanation is that there had been a data breach on another e-commerce website.
Since people often use the same usernames and passwords across several online accounts, fraudsters have attempted to use the data hacked from another site to access Uber accounts.
It said the issue is being taken very seriously and anyone left out of pocket will be reimbursed.
A spokesperson added: ‘We would like to remind people to use strong and unique usernames and passwords and to avoid reusing the same credentials across multiple sites and services. However, anyone who is charged for a trip they didn’t book or take would get a refund.’
Full credit card details are not stored on an Uber account account, but a hacker can see the last four digits of a card number, as well as their full email address and phone number.
From this a person could commit wider identity fraud, or sign into other accounts if the username and password is copied across other sites, apps and accounts, if this isn’t the method by which they breached the Uber account in the first place.
Despite the frustrations of some customers, Uber is not sharing a phone number that people can call should they think they have been affected.
Instead they can email firstname.lastname@example.org and should receive a response within an hour. A spokesperson for Uber said this method was ‘more efficient’ – particularly since Uber is a global company – and the email account is monitored 24 hours a day.
Dismayed: Increasing numbers of Twitter users have taken to the site to share their experience of Uber journeys booked on their account by someone else
The reported account breaches come after reports last month that hackers had allegedly obtained thousands of login details for Uber accounts worldwide – and were selling them for as little as $1.
Two sellers – known only as Courvoisier and ThinkingForward – were reportedly using online marketplaces on the dark web such as AlphaBay to offer this personal information.
Uber reiterated at the time that it had found ‘no evidence’ of a security breach in its systems.
Source: Mail Online