Uber has had its share of problems. The ride-share network has come under fire in the last year for various things, including breaking Apple鈥檚 terms of use in order to 鈥渟py鈥 on users. Behind the scenes, the company was in hot water earlier in the year for seemingly backing the President鈥檚 original travel ban, and then by the time the summer rolled around, the company鈥檚 founder was in hot water for sweeping sexual misconduct under the rug. While these things may not have been dealbreakers for you, this new information might be.

Nearly two years ago in 2016, hackers approached Uber to inform them of a massive data breach. According to Bloomberg, the hackers had personal information like names, email addresses, and phone numbers of 50 million users around the world, as well as the personal info of seven million drivers, with over 600,000 driver鈥檚 license numbers also stolen.

And while this data breach is startling at the very least, the way the company handled it is even worse.

Finally telling Uber users about the hack in a blog post yesterday, the company鈥檚 CEO Dara Khosrowshahi gave a vague outline as to how the tech startup dealt with the hackers. 鈥淎t the time of the incident, we took immediate steps to secure the data and shut down further unauthorized access by the individuals,鈥 Khosrowshahi wrote in his post. 鈥淲e subsequently identified the individuals and obtained assurances that the downloaded data had been destroyed. We also implemented security measures to restrict access to and strengthen controls on our cloud-based storage accounts.鈥

But what does it mean when a company 鈥渟ecures鈥 the data? Bloomberg says that Uber actually paid the hackers $100,000 dollars to delete all the information they stole from the company. Which, if you think about it for more than five seconds, is actually a really terrible precedent to set.

At the time, the company was dealing with regulators investigating privacy breach claims with Uber, which could explain why former CEO Travis Kalanick kept the hack secret. With Tuesday鈥檚 disclosure, however, New York Attorney General Eric Schneiderman has launched a new investigation into the company鈥檚 practices.

While this isn鈥檛 the biggest data breach ever, the fact that the company did not disclose it at the time is troubling. It may have been because the information was easy for hackers to access on account of Uber鈥檚 engineers being lax with security online (according to some reports), but regardless, the secrecy around the payout is pretty bad. Uber is also being investigated in the UK for the data breach, because the island nation is the largest Uber user in Europe.

Khosrowshahi, meanwhile, is offering free credit monitoring for drivers whose personal info was stolen in the hack and has hired security expert Matt Olsen, a former staffer at the National Security Agency and director of the National Counterterrorism Center, to help the company going forward.

鈥淣one of this should have happened,鈥 Khosrowshahi closed his blog post, adding, 鈥渁nd I will not make excuses for it. While I can鈥檛 erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes. We are changing the way we do business, putting integrity at the core of every decision we make and working hard to earn the trust of our customers.鈥

Does this data breach disclosure change your feelings on Uber? Tell us @BritandCo!

(Photo via Getty)