Lawsuit Filed Against Uber
This past Monday, a lawsuit was filed against Uber in California for concealing a massive hack that exposed the personal data of millions of drivers and riders, violating a California Data Breach Notification law that requires companies to promptly report such breaches.
In October of 2016, the hackers stole the names, cellphone numbers, and email addresses of more than 57 million riders across the world, as well as driver’s license numbers for 600,000 Uber drivers in the United States. Uber did not disclose the hack until last month. Rather than disclosing the data breach promptly, Uber decided to pay the hackers $100,000 to destroy the data and sign nondisclosure agreements.
You may be wondering how this affects you. Well, California law requires companies to report data breaches in the most expedient way possible in order to protect consumers against the possibility of identify theft. If data breaches are not disclosed immediately, it allows hackers additional time to compromise your personal and financial information. All but two states (Alabama & South Dakota) have similar data breach notification laws to protect their citizens. Uber may have additional troubles ahead.