A lesson in database management, courtesy of Uber

It’s a common refrain among startups that they “want to be Uber, but for [fill in the blank.]” But the latest setback for the ride-sharing service probably doesn’t mean anyone’s lining up to be the Uber of security. 

Drivers who wanted to access their tax forms for the ride-hailing service found themselves confused when they went to that section of the company’s website. When they hoped to get their own tax information, they instead got the forms for an Uber driver in Florida.

Many took to forums and websites pointing out the mistake (which exposed the Florida driver’s name, Social Security number, home address and more). Some were worried that if they had someone else’s tax information, it stood to reason another driver might wind up receiving theirs by mistake.

Limited exposure

Uber has said that wasn’t the case: Due to an error, one driver’s information was shared with a few recipients. But following the disclosure of more than a thousand drivers’ records last October, there’s plenty of worry and lost trust among the drivers who use the service.

It’s a very specific reminder of a basic rule of security: Make sure that any databases that can be accessed by users are set up correctly and checked regularly for any issues.

One mistake could mean eroded trust – not just for the employee or customer whose information is revealed, but also from anyone the information was revealed to.

Make Smarter Tech Decisions

Get the latest IT news, trends, and insights - delivered weekly.

Privacy Policy