Uber Technologies Inc. has revealed that a hack in 2016 affected more than 57 million drivers and passengers. In order to avoid punishment, the ride-hailing business negotiated a compromise with American law enforcement.
A non-prosecution agreement prevented Uber from informing the US Federal Trade Commission about the attack in November 2016 even though law enforcement was looking into the firm’s ride-sharing data security, the company has acknowledged.
Stephanie Hinds, the US Attorney for the Northern District of California, presented the claim in San Francisco. She said Uber delayed a year to disclose the security problem after appointing new senior leadership. She continued by saying that due to the changed management of the inquiry, the criminal accusations against Uber were dismissed. Additionally, a contract was made between Uber and the Federal Trade Commission (FTC) for the maintenance of an extensive privacy programme for approximately 20 years.
Joseph Sullivan, a former Uber security director, played a key role in preventing the disclosure of this hack’s specifics. When he was accused in 2020 of hiding the data breach, his attorneys said that he paid $100,000 to hackers and forced them to sign non-disclosure agreements saying that they weren’t engaged in the attack.
Additionally, Uber paid $148 million to 50 US states and Washington, D.C. in 2018 to settle legal accusations that the company had delayed disclosing a security issue.