Uber will pay $148 million to U.S states and Washington, D.C following the failure to disclose a massive data breach that happened in 2016.
Uber, a ridesharing app for fast, reliable rides in minutes, faced a data breach in 2016 that affected 57 million customers – both riders and drivers. The breach revealed the customer’s name, email address and phone numbers and became the biggest embarrassment of the ride-hailing company. Uber also tried covering up the breach by hiring “hackers” and paid them $100,000.
Regrettably, the company failed to cover-up the breach which leads them to pay over $148 million to settle the data breach fiasco. 50 million riders and over 600,000 driver’s license are among the affected group of the breach.
A 10-month investigation about the data breach will also follow after the settlement. CEO of Uber, Dara Khosrowshahi also acknowledge the incident wherein he said that he will not make any excuse.
Uber’s move about covering up the incident was widely seen as a violation to data breach reporting and security laws. Khosrowshahi conceded that the breach should have been reported to the regulators right after it was discovered.
Changes to Uber’s business practices which aimed to prevent breaches was included on the said settlement. A report about data security incidents from Uber to states on a quarterly basis will also be a requirement.
Tony West, Chief Legal Officer of Uber said that earning the trust of both customers and regulators is not an easy thing to do but they are continuing to make more effort to protect and keep the customer’s data safe and secured.
The company is still facing lawsuits from riders and drivers.