Uber Technologies Inc. has acknowledged that more than 57 million drivers and riders were the subject of a cyberattack in 2016. The ride-hailing company reached a settlement with American authorities in order to avoid prosecution.
Uber has also admitted that despite the authorities’ investigations into the company’s ride-sharing data security, they neglected to notify the US Federal Trade Commission about the hacking in November 2016 because of a non-prosecution agreement.
Uber waited a year to notify the security breach after installing new executive leadership, according to Stephanie Hinds, the United States Attorney for the Northern District of California, who made the statement in San Francisco. She added that the criminal charges against Uber were dropped as a result of the investigation’s new management. Additionally, Uber and the Federal Trade Commission (FTC) established a contract for the maintenance of a thorough privacy programme for almost 20 years.
Former Uber security chief Joseph Sullivan was instrumental in keeping this hack’s details secret. His attorneys claimed that he paid $100,000 to hackers and forced them to sign non-disclosure agreements claiming that they weren’t involved in the hack when he was accused in 2020 for concealing the data breach.
In 2018, Uber also paid $148 million to 50 U.S. states and Washington, D.C., to resolve lawsuit claims that the firm failed to promptly disclose a security breach.