Uber will pay $148 million to settle a nationwide investigation into a 2016 data breach, in which a hacker managed to gain access to information belonging to 57 million riders and drivers. The breach included names and driver’s license numbers for 600,000 drivers.
The investigation, led by state attorneys general across the United States, focused on whether Uber had violated data breach notification laws by not informing consumers that their information had been compromised.
Rather than disclosing the breach when it occurred, Uber paid the hacker $100,000 through its bug bounty program, which financially rewards hackers for discovering and disclosing software flaws. The ride-hailing company persuaded him to delete the data and stay quiet about it with a nondisclosure agreement.
Monitor your credit reports for signs of identity theft. For more information, visit https://nyconsumerlaw.