APPS
APPS
APPS
Uber settles states’ investigation of 2016 data breach and coverup for $148M
Uber Technologies Inc. today disclosed that it has settled a multistate probe into a 2016 data breach that compromised 57 million of its users.
The company has agreed to pay $148 million as part of a deal encompassing all 50 states and Washington D.C., a fine that represents the biggest ever of its kind. The settlement comes 11 months after Uber disclosed the incident, which had taken place over a year earlier under previous Chief Executive Officer Travis Kalanick.
Hackers had managed to infiltrate a poorly secured GitHub repository belonging to the company and steal login credentials to an Amazon Web Services account. That account, in turn, contained some of the 57 million affected users’ personal information. The attackers managed to obtain names, email addresses and phone numbers as well as the driver’s license numbers of 607,000 Uber drivers.
What caused the incident to draw so much scrutiny was how Uber handled the situation. Bloomberg reported at the time that then-Chief Executive Kalanick found about the breach a month after the fact yet didn’t inform the public. To make matter worse, the company admitted that senior employees had paid the hackers $100,000 to delete the stolen data and keep the breach a secret.
Tim Erlin, vice president of product management and strategy at cybersecurity firm Tripwire, said in an email that the coverup contributed to the size of the settlement. “It’s a good reminder to all organizations of how a good breach response plan can help avoid poor decision-making in the midst of an incident,” he said.
Today’s settlement finally puts the embarrassing episode behind the company. In addition to the $148 million fine, the agreement includes terms requiring Uber to change its corporate culture and adapt new practices to prevent future breaches.
“We know that earning the trust of our customers and the regulators we work with globally is no easy feat,” Uber Chief Legal Officer Tony West wrote in a statement. “After all, trust is hard to gain and easy to lose. We’ll continue to invest in protections to keep our customers and their data safe and secure, and we’re committed to maintaining a constructive and collaborative relationship with governments around the world.”
Photo: Wikimedia
A message from John Furrier, co-founder of SiliconANGLE:
Support our open free content by sharing and engaging with our content and community.
Join theCUBE Alumni Trust Network
Where Technology Leaders Connect, Share Intelligence & Create Opportunities
11.4k+
CUBE Alumni Network
C-level and Technical
Domain Experts
15M+
theCUBE
Viewers
Connect with 11,413+ industry leaders from our network of tech and business leaders forming a unique trusted network effect.
SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
