Data breach costs Uber $148 million

ubertaxi2
ubertaxi2
Avatar of Linda Hohnholz
Written by Linda Hohnholz

Uber agreed to pay $148 million and take steps to tighten data security after failing for a year to notify drivers about stolen information.

Illinois Attorney General Lisa Madigan announced a settlement today between Uber Technologies, Inc. and all 50 states and the District of Columbia.

Uber has agreed to pay $148 million and take steps to tighten data security after the ride-hailing company failed for a year to notify drivers that hackers had stolen their personal information.

โ€œUber completely disregarded Illinoisโ€™ breach notification law when it waited more than a year to alert people to a serious data breach,โ€ Madigan said.

Madigan said that although Uber is now taking appropriate steps, โ€œthe companyโ€™s initial response was unacceptable. Companies cannot hide when they break the law.โ€

Uber learned in November 2016 that hackers had accessed personal data, including driverโ€™s license information, for roughly 600,000 Uber drivers in the U.S. The company acknowledged the breach in November 2017, saying it paid $100,000 in ransom for the stolen information to be destroyed.

Tony West, chief legal officer for Uber, said the decision by current managers was โ€œthe right thing to do.โ€

โ€œIt embodies the principles by which we are running our business today: transparency, integrity, and accountability,โ€ West said.

The hack also took the names, email addresses and cell phone number of 57 million riders around the world.

All 50 states and the District of Columbia sued Uber, saying the company violated laws requiring it to promptly notify people affected by the breach.

About the author

Avatar of Linda Hohnholz

Linda Hohnholz

Editor in chief for eTurboNews based in the eTN HQ.

Share to...