The FBI in the US is looking into how British users of the taxi-booking app Uber have been charged for journeys they did not either book or make.
The minicab service, which charges users a fare depending on demand and distance travelled, says it has found no evidence of a security breach, although a number of UK users say they have had money withdrawn from their accounts for phantom trips.
The development comes as Uber is thrust into a major political battle that could see the introduction of laws designed to curb its growth.
In response to mounting opposition to the service from London’s black-cab drivers, mayor Boris Johnson is understood to be pushing for the inclusion in this week’s Queen’s Speech of a proposal to cap the number of minicab licences in the capital.
Uber users reporting that their accounts have been compromised in recent weeks include TV presenter Anthea Turner, who tweeted to Uber: “Account has been hacked nothing to help me on website – this is ridiculous.”
Another user said: “I woke up in London to find it said I had taken a $260 [£170] ride in a limousine in California. Because of the time lag, it had been ordered in the middle of the night here. I didn’t receive the notification until I looked at my phone in the morning.”
This follows speculation that Uber users’ account credentials have been found for sale on the “dark net”, a collection of thousands of websites that use anonymity tools to hide their internet provider address to enable them to carry out criminal activity. Once purchased, these accounts reportedly allow buyers to order rides using whatever payment information is on file.
Jo Bertram, the head of Uber’s business in the UK, has said new regulations should “protect people, their personal safety and their pockets, not hamper innovations they value and that make their lives easier”.
When asked about the compromised accounts, she said Uber users should make sure they used unique passwords and confirmed that the company had notified the US authorities that accounts had been violated as they investigate the security breach.
“We take any issue of this nature very seriously and, after investigating, have found no evidence of a breach at Uber. Attempting to access and use Uber accounts fraudulently is illegal and we notify the authorities about such activity.”
from Taxi Leaks http://ift.tt/1ISvJLJ