It's all around us these days and most of the time we don't even know...
Data Breaches.
Uber held onto this for a long time.
Sad really.
While it is (should be, at least) embarrassing to have such issues and perhaps to not be on the top on the list for an announcement - not coming clean just causes more issues for the very people that "pay the bills".
Worse I suppose is the tendancy for all companies to demand too much information. You know - like wanting to know what time they open and you having to give all your personal details on their web form before you can ask. OK - OK - so that info is usually on their web site - but you get the drift. It's out of control. Add that attitude towards creating a real account with billing info and all and you've got a prime situation for a breach of data that should never have been out there.
Not saying this was the case for Uber. I don't know.
But it seems to be the norm too often these days.
In fact, I personally do not use Uber - although I did have a problem with an email address being abused by someone on an Uber account once. I could never contact them. It seems I would have had to create a new account to be able to install the app to contact support about the account I did not have. Go Figure.