ONE of the three councillors who ruled Uber should not be allowed to operate in Brighton and Hove has been accused of “staggering confusion” by an industry expert.

Meanwhile a petition to save Uber in the city has already been launched.

In 2016 Uber was hacked by American cyber criminals and names, email addresses and phone numbers of account holders were stolen, although never released in public.

Green Councillor Lizzie Deane, explaining the unanimous decision of the city council licensing panel on Tuesday, said: “The panel had a number of concerns, mainly relating to passenger safety and security.

“In particular, we heard of a major breach where over 57 million Uber users had their personal data compromised.

“Sadly, our fears that this may happen again have been realised, with news this week revealing that tens of thousands of Uber usernames, passwords and bank details have been hacked from UK accounts and sold on the ‘dark web’, enabling unauthorised users to make fraudulent journeys charged to other people’s accounts.”

She was referring to a BBC South East story last week, which showed Uber accounts were available to buy online, with criminals then able to charge their journeys to other people’s accounts.

But the security weakness which created that criminal opportunity was not within Uber’s systems.

The “hacked accounts” being sold online were accessible by two main means.

An Uber user could have clicked on a “phishing” email sent by a cyber criminal and unwittingly sent their log-in details to a fraudster.

They could also have use the same password for many accounts and log-in data from another website was compromised.

When that happens, criminals find out what other accounts and services they can get into with the leaked usernames and passwords –including Uber.

Sam Dumitriu, from Brighton, is head of research at the Adam Smith Institute. His research specialism is the gig economy.

He said: “That is staggering, that she would make that confusion, that such a mistake would be made by someone with the power to regulate the service.

“What that shows is that local councils shouldn’t be enforcing data regulations.

“It’s clearly an area of policy where we need a high level of expertise.”

An Uber spokesman said: “We remind our users to always use unique passwords for different online accounts. When people use the same password on more than one site and one of those accounts is compromised, anywhere else with the same log-in details can also be accessed.

“It is not possible for anybody who logs into an Uber account to access credit card details and we have made significant changes to reduce the ability for criminals to take trips on compromised accounts. We are always enhancing the ways we protect our users, and will refund trips a customer didn’t book or take.”

Cllr Deane said: “One of the biggest concerns the licensing panel had was data security. This was after councillors heard the detail of a breach that last year saw 57 million drivers and users of Uber have their personal information exposed. I stand by these concerns. A week after the original panel hearing ended, a BBC South East investigation into fraudulent Uber rides stated that ‘the app is easily hacked.’ Anyone would find that alarming.”

A petition to save Uber in the city has already received more than 150 signatures in under 24 hours. 

To read or sign the petition go to https://www.change.org/p/brighton-and-hove-city-council-licensing-panel-save-uber-in-brighton