Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Businesses Security The Almighty Buck The Courts Transportation

Uber Settles Data Breach Investigation For $148 Million (nytimes.com) 18

An anonymous reader quotes a report from The New York Times: Uber will pay $148 million to settle a nationwide investigation into a 2016 data breach (Warning: source may be paywalled; alternative source), in which a hacker managed to gain access to information belonging to 57 million riders and drivers. The breach included names and driver's license numbers for 600,000 drivers. Rather than disclosing the breach when it occurred, Uber paid the hacker $100,000 through its bug bounty program. [...] The ride-hailing company persuaded him to delete the data and stay quiet about it with a nondisclosure agreement. The incident became public a year later when Uber's chief executive, Dara Khosrowshahi, announced it as a "failure" and fired the two employees who had signed off on the payment.

Tony West, Uber's chief legal officer, said the settlement was part of a larger effort inside Uber to remake the company's image. He said the company had recently hired a chief privacy officer and a chief trust and security officer. The $148 million settlement announced Wednesday will be divided among all 50 states and the District of Columbia. "Companies in California and throughout the nation are entrusted with customers' valuable private information," Xavier Becerra, California's attorney general, said. "This settlement broadcasts to all of them that we will hold them accountable to protect that data."

This discussion has been archived. No new comments can be posted.

Uber Settles Data Breach Investigation For $148 Million

Comments Filter:
  • by sittingnut ( 88521 ) <sittingnut&gmail,com> on Wednesday September 26, 2018 @05:12PM (#57381492) Homepage

    "The $148 million settlement announced Wednesday will be divided among all 50 states and the District of Columbia"

    but does any of that goes to riders and drivers whose data got breached?
    or is this "settlement" a mere pay off to government lawyers in 50 states and dc? a bribe in another name?

    • by ShanghaiBill ( 739463 ) on Wednesday September 26, 2018 @05:43PM (#57381572)

      but does any of that goes to riders and drivers whose data got breached?

      No, because they didn't suffer any financial consequences, since all their data had already been leaked in the Equifax, Target, Yahoo, and Home Depot breaches. People need to face reality: At this point your name, SSN, DOB, home address, and CC#s are all public information. Breaches don't matter anymore.

      • by Puls4r ( 724907 )
        And yet equifax continues to avoid most fines. 500k euros. That's it. No US penalty. Gee, I wonder who the government favors more. A rideshare company or a financial corporation with their tentacles in literally EVERYTHING.
        • the settlement was uber's fine. in the case of equifax there's no law that would cause them to get fined. and they don't directly take credit card payment (with some exceptions) so Visa et al can't give them penalties under any contract.
      • by rtb61 ( 674572 )

        Each time, those details are leaked, the citizen should have the right to change as many as possible and as necessary. Change credit card numbers (the citizen and the credit card company should be reimbursed costs), social security numbers (the state and the citizen should be reimbursed costs, any details you wish to be altered should be done at that companies expense. What cost to the citizen, every single second of their time in arranging those things and the costs associated with delays in activity until

    • Government lawyers get paid a salary, they don't get a cut of the State's winnings.

      When they bring a case like this, it is a bunch of hard work that they have to fit into their schedule, for the same pay as if they don't do it.

      And in this case, a few of the larger states did all the work, and the rest just phoned in their agreement.

      The only way any of this money goes to riders and drivers is if any of them are American citizens, residents, or visitors. In that case they would benefit via their State.

  • For your $2.60 compensation!

  • So Equifax lost really sensitive data to the hacker black market and doesn't get fined, while Uber recovers less critical data and gets a substantial fine? I'm no fan of Uber and I guess neither were these states.

"All the people are so happy now, their heads are caving in. I'm glad they are a snowman with protective rubber skin" -- They Might Be Giants

Working...