Uber told potential investor SoftBank about massive data breach prior to alerting customers

Uber told a potential investor about its newly publicized data breach prior to alerting the company’s millions of affected account holders.

Japanese telecom SoftBank was notified about the massive data breach before Uber came clean to its customers, the ride-sharing app said in a statement late Thursday.

“We informed SoftBank that we were investigating a data breach, consistent with our duty to disclose to a potential investor, even though our information at the time was preliminary and incomplete,” Uber said in a statement.

“We also made clear that our forensic investigation was ongoing,” Uber said. “Once our internal inquiry concluded and we had a more complete understanding of the facts, we disclosed to regulators and our customers in a very public way.”

Hackers stole Uber data including the names, email addresses, and phone numbers of more than 57 million drivers and riders by breaching a third-party in late 2016, Uber CEO Dara Khosrowshahi revealed Tuesday.

Mr. Khosrowshahi was appointed Uber’s chief executive in August and knew about the data breach for more than two months before coming clean to account holders this week, The Wall Street Journal reported Thursday, citing unnamed sources

Uber told SoftBank about the data breach in discussions about three weeks ago, that report said. The ride-share company announced in the interim that it entered into an agreement with the Tokyo-based telecom on a potential investment reportedly valued at as much as $10 billion.

While SoftBank was privy to the data breach before the public, the fallout from this week’s reveal may toss a wrench in Uber’s plan to sell off further shares. Attorneys general in several states initiated investigations into Uber within hours of learning of the data breach Tuesday, and the the Federal Trade Commission said it is “closely evaluating the serious issues raised.”