The US government and 50 states have fined Uber $148 million. The reason? The company failed to expose an Uber data breach that occurred in 2016.
Today, the company agreed to pay the fine to settle the legal action.
Uber Data Breach
In 2016, Uber was hacked.
And rather than report the heist to regulators, the company decided to cover up the Uber data breach by paying the same hackers $100,000 to delete the data they had stolen.
The hackers had managed to get into Uber’s cloud servers and stole personal data from 57 million Uber accounts. They also secured information about some 600,000 driving license numbers.
Uber, proverbially, shoved the breach under the rug and got on with it. The people whose accounts and details were exposed were none-the-wiser.
Exposure of the Uber Data Breach
The company kept a lid on the breach for almost a year, until CEO Dara Khosrowshahi revealed it on the Uber Newsroom site, detailing the incident, last November.
>> Michael Kors Set to Buy Versace for $2.2 Billion and Change Its Name
Admitting the error, and that covering it up was a mistake, the Uber CEO seemed apologetic:
“None of this should have happened, and I will not make excuses for it. […]We are changing the way we do business, putting integrity at the core of every decision we make and working hard to earn the trust of our customers.”
He has since resigned from his post.
But, as you can imagine, the admission provoked uproar and brought Uber into several legal disputes.
Ongoing
The Uber data breach is still ongoing. The company may have settled with the US Government and 50 states, but it still faces legal action from drivers and customers.
As well as paying the fine, Uber has made certain agreements to make sure it does not fall victim to the same issue again. From now-forth, it is required to submit regular reports on security incidents to regulators.
At the time of the breach, the company fired two security operators in an effort to “learn from our mistakes.”
Featured Image: DepositPhotos /© Vicdemi