Uber just paid $148 million for failing for over a year to notify drivers that hackers had stolen their personal information.
Uber Technologies Inc. have made an agreement with all 50 states and the District of Columbia over the 2016 massive data breach. Uber completely ignored laws that require notification of data breaches, and this is outrageous and inexcusable. The ride-sharing company hid evidence of the data breach and decided to pay a ransom to ensure that the data wouldn’t be used by hackers in malicious ways.
Uber learned in November 2016 that hackers had accessed personal data of drivers and preferred to pay $100,000 in ransom for the stolen information to be destroyed.
The hack also affected the names, email addresses and cell phone numbers of 57 million riders around the world.
Remember everything can be hacked. In order to stay away from any threats related to the cyber world, we recommend the install of antivirus for Windows or antivirus for Mac on every device that you own, depending on which OS your device is running. If you are a company, it is also recommended to hire every year a specialized cybersecurity company that will run annual tests on your company’s network. These tests include penetration testing and ethical hacking tests;
Uber suffered significant management changes in the past year, their new chief legal officer, said that
“the principles by which we are running our business today are transparency, integrity, and accountability,” he also said. “An important component of living up to those principles means taking responsibility for past mistakes, learning from them, and moving forward.”
Uber is now obligated to comply with state consumer protection laws safeguarding personal information and to immediately notify authorities in case of a breach; they will have to establish methods to protect user data stored on third-party platforms and create strong password-protection policies.
Uber said that their new leadership visions coincide with the physical and digital safety improvements the company recently implemented. In order to be more secured, Uber hired a former general counsel to the National Security Agency and director of the National Counterterrorism Center as the company’s chief trust and security officer.
The payout will be divided by the number of drivers that each state has. For example, Illinois’ will get $8.5 million, and Madigan will get $100 for each affected Uber driver.
We will continue to monitor this cyber theft. Meanwhile, users should keep a keen eye out for any cyber attacks. Remember to use an antivirus for Windows or antivirus for Mac in every device that you own, depending on which OS your machine is running, If you are a company we recommend to hire every year a specialized cybersecurity company that will run annual tests on your company’s network, tests like this include: penetration testing and ethical hacking.