The much maligned ride-hailing firm Uber hid a monumental global data breach which included the personal information of 57 million worldwide customers and drivers nearly two years ago.
What made it worse was that the private hire company failed to pass on the details of the 2016 hack to individuals and regulators and even admitted they had paid the hackers $100,000 to wipe clean the data stolen and stay nothing on the breach.
Upon finding the details of the breach Uber’s new chief executive, Dara Khosrowshahi, said in a statement back in November 2017 “None of this should have happened, and I will not make excuses for it,
“While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes.”
So what’s happened two years on from the breach and nearly a year from it being announced?
Today, Uber agreed to pay a total of $148 million to 50 US states as a settlement for their failings.
Tony West, Uber’s Chief Legal Officer said today:
“Our current management team’s decision to disclose the incident was not only the right thing to do, it embodies the principles by which we are running our business today: transparency, integrity, and accountability. An important component of living up to those principles means taking responsibility for past mistakes, learning from them, and moving forward.
“So I’m pleased that we’ve reached an agreement with the attorneys general of all 50 states and the District of Columbia to resolve their legal inquiries on this matter.
“The commitments we’re making in this agreement are in line with our focus on both physical and digital safety for our customers, as exemplified by our recent announcement of a host of safety and security improvements and our recent hiring of experts like Ruby Zefo as Chief Privacy Officer and Matt Olsen as Chief Trust & Security Officer.
“We know that earning the trust of our customers and the regulators we work with globally is no easy feat. After all, trust is hard to gain and easy to lose. We’ll continue to invest in protections to keep our customers and their data safe and secure, and we’re committed to maintaining a constructive and collaborative relationship with governments around the world.”