Sponsored Links

Uber will pay $148 million for 2016 data breach coverup

The money will be split between US states.
Ginnette Riquelme / Reuters
Ginnette Riquelme / Reuters
Mallory Locklear
Mallory Locklear|@mallorylocklear|September 26, 2018 2:10 PM

Last year, reports surfaced that Uber had been hit with a data breach, but instead of reporting it to the government or to those affected, it chose to cover it up. Now, the company will pay $148 million as part of a settlement, and the money will be disbursed between each US state and Washington, DC. After the hack and Uber's response to it became public, a number of states launched investigations into the incident while others filed lawsuits.

Hackers obtained personal information for around 57 million Uber customers and drivers in October 2016 and in response, the company paid those behind the attack $100,000 to delete the data and keep quiet. The Federal Trade Commission initiated an investigation after the news came to light, later adding more provisions to an earlier settlement it made with the company over inadequate data safeguards.

"Uber's decision to cover up this breach was a blatant violation of the public's trust," California Attorney General Xavier Becerra said in a statement. "The company failed to safeguard user data and notify authorities when it was exposed. Consistent with its corporate culture at the time, Uber swept the breach under the rug in deliberate disregard of the law."

Turn on browser notifications to receive breaking news alerts from Engadget
You can disable notifications at any time in your settings menu.
Not now

Along with the fine, Uber has agreed to more rigorous data security and breach notification practices as well as outside assessments of its data security efforts.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. All prices are correct at the time of publishing.
Uber will pay $148 million for 2016 data breach coverup