Uber, the ride-hailing giant, has finally agreed for paying $148million to the legal authorities for its data breach scandal. In 2016, the hackers stole almost the data of its 25 million users by breaching the company’s data security firewall.
In late 2017, Dara Khosrowshahi, Uber CEO uncovered the data scandal and also revealed that Uber decided to hide the incident from its users. Moreover, the company decided to pay $100,000 to the hackers for deleting the stolen data. Khosrowshahi also mentioned that the hackers got their hands only on the name, email address and phone number of 57 million users. Instead of notifying the users and law authorities the company kept the incident a secret. The data was stolen under the leadership of former Uber CEO Travis, who stepped down from his position last year after facing numerous accusations.
After Khosrowshahi put the truth in front of everyone, many authorities sued the company for not properly safeguarding the user’s data and breaking their trust. The district of Columbia along with the attorneys general from all the 50 states filed a case against Uber for the data breach. On Wednesday, both the authorities and Uber settled down for the $148 million as the penalty. Along with the penalty, Uber has promised to reinforce its data security practices and provide the quarterly report over the next two years.
"Uber's decision to cover up this breach was a blatant violation of the public's trust. The company failed to safeguard user data and notify authorities when it was exposed”, said California Attorney General Xavier Becerra.
Uber assured the users that it has contacted the hackers and made sure that all stolen data has been deleted. The California based company also mentioned that the stolen data does not include, credit card numbers, social security numbers, trip location history and bank account number of the users.
Uber may be reached to a settlement with government bodies but it still facing the lawsuits from any private parties.