Uber's latest security breach, which exposed 57 million customers' and drivers' personal information, has come under more and more scrutiny since it was revealed earlier this week. The Federal Trade Commission has already confirmed that it's looking into the breach as well as how Uber handled it. A number of agencies abroad are investigating the incident as well. But it doesn't stop there. Uber is also now under investigation by at least five state Attorney General offices and has been named in multiple lawsuits.
As the Washington Post reports, the attorneys general of Massachusetts, Illinois, Connecticut, New York and Missouri have all launched investigations into this latest egregious lack of data security as well as some Uber executives' decision to not report the breach and instead pay off hackers to keep them silent. The details of these investigations haven't been revealed but it's likely Uber broke a number of states' laws when it failed to notify its customers of the data breach in a timely manner.
We've launched an investigation into the Uber breach and have been in touch with the company to get more information.— Maura Healey (@MassAGO) November 22, 2017
We have serious concerns about the reported conduct.https://t.co/iH8X2nDWvz
The Washington Post also reports that at least three lawsuits are in the works. Those suits have been filed in California and Oregon and all three are seeking class-action suits against the company. In response to the breach and its mishandling, Uber's new CEO, Dara Khosrowshahi, has said, "None of this should have happened, and I will not make excuses for it. While I can't erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes."