Uber has been forced to defend a practice whereby anyone with an internet connection can view the trips of strangers.
Computer security expert Mykko Hypponen discovered the ability for anyone to view trips by searching trips.uber.com in Google.
— Mikko Hypponen (@mikko) September 2, 2015
Seemingly surprised by the information, chief information security officer at Uber, Joe Sullivan, tweeted back to Mr Hypponen, letting him know the company was looking into it.
An hour later, the Uber representative replied again saying the information was not a data leak, but a result of Uber uses purposely ‘sharing’ their ETA with friends and family.
It’s true – one option for Uber users, introduced in 2013 – is to let their friends know how far away they are by sharing a live map of their journey.
The rides that show up on Google are from users who have chosen to share their ETA on social media, and have therefore had their data cached.
However, it’s unlikely that even users who let their Facebook friends know their ETA are aware the information will be searchable in the future for friends and strangers alike.
When user choose to share their ETA, a text is sent with a link to a live Google map, with no exact addresses visible.
But source code from the data collected, and publicly accessible, also includes details of pick up and drop off points, according to Business Insider.
In a statement, the ride sharing company said: “We have found that all these links have been deliberately shared publicly by riders.
“Protection of user data is critically important to us and we are always looking for ways to make it even more secure.”