[ad_1]
Richard Drew / AP
Uber is paying $ 148 million to pay for the company's hiding of a data breach in 2016, as hackers stole personal information from some 25 million customers and drivers in the United States.
Instead of reporting stolen data according to law, Uber paid $ 100,000 to hackers. It was late 2016; It was only in November 2017 that Dara Khosrowshahi, CEO of Uber, revealed that hackers had downloaded the names, email addresses and cell phone numbers of 57 million. Uber users in the world. The figure included 600,000 company drivers, whose names and driver license numbers were also at risk.
Uber paid the hackers when the company was still headed by its former CEO, Travis Kalanick – who resigned in mid-2017 facing numerous accusations regarding the culture and ethical practices of the startup.
"Uber's decision to conceal this violation was a flagrant violation of public trust," California Attorney General Xavier Becerra said in announcing the settlement. "The company failed to protect users' data and inform the authorities when they were exposed."
Attorneys General of the 50 states and the District of Columbia brought a lawsuit for violation. They announced the settlement Wednesday, saying that in addition to the sanction, Uber agreed to strengthen its data security practices and provide states with quarterly security updates for the next two years.
The legal director of Uber, Tony West – who joined the company at the time the piracy case was made public – said the settlement was part of Uber's goal of "taking his responsibilities for past mistakes, to learn from them and to go forward ".
When Uber revealed the offense, she said the hackers had targeted data stored on a third-party cloud service – and that the information on display did not include location history, card numbers credit, birth date account numbers.
The San Francisco-based company said it had contacted the hackers and "obtained assurances" that the downloaded data had been removed.
As NPR's Yuki Noguchi told our Newscast unit, "By not reporting the violation for a year, regulators say the company has left its drivers vulnerable to financial fraud and usurpation next year. . "
As part of his response to the data breach, Uber fired Joe Sullivan, his security officer. After the piracy was made public, Sullivan defended the company's handling of the issue, claiming that Uber had paid a "bug bonus" to the hacker, rather than a ransom for stolen data. It was part of an ongoing security program and no, said Sullivan, a camouflage. But others, both within the company and the regulatory agencies, did not agree.
Uber is still being prosecuted by private parties and some cities for its treatment of the 2016 violation.
In July, the Federal Trade Commission sent checks totaling nearly $ 20 million to Uber drivers in 19 cities, after finding that they were misled by exaggerated claims over the revenue they received. they could win. These payments come from a separate settlement for 2017.
Source link