© 2022 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

Uber dodges lawsuit by taking blame for data breach


Uber has admitted responsibility for a data breach in 2016 that exposed millions of its users to malicious hackers to avoid prosecution, the US Department of Justice has disclosed.

“Uber Technologies has entered a non-prosecution agreement with federal prosecutors to resolve a criminal investigation into the coverup of a significant data breach suffered by the company,” said the DoJ, citing the FBI and US Attorney’s office that investigated the case.

The concealed breach led to threat actors accessing and copying a trove of data “pertaining to approximately 57 million user records with 600,000 drivers’ license numbers” after using stolen credentials to access a private database.

Uber did not disclose the incident to the Federal Trade Commission (FTC) until a year later, by which time it was under new management.

“Upon learning of the 2016 data breach, the new leadership team investigated and disclosed it to affected drivers, to the public, to law enforcement, and to foreign and domestic regulators, including state attorneys general and the FTC,” said the DoJ.

The non-prosecution agreement filed on July 22 with the US Attorney’s office in northern California states that Uber admits its staff failed to report the breach when it occurred in November 2016, despite a pending investigation by the FTC into the controversial company.

It also confirms that in October 2018, one year after finally admitting it, “Uber agreed to maintain a comprehensive privacy program for 20 years and to report to the FTC any incident reported to other government agencies relating to unauthorized intrusion into individuals’ consumer information.”

The agreement also claims that Uber “has invested substantial resources to significantly restructure and enhance the company’s compliance, legal, and security functions” since the incident.

The US-based ride-hailing service platform has come under fire in recent years, and is banned in cities around the world amid claims it flouted local laws, duped police, and exploited violence against drivers.


More from Cybernews:

Cyberstalking likely to increase in Post-Roe America

Amadey Bot pushed via SmokeLoader malware

Google booted engineer who deemed AI chatbot sentient

The rise of racist machines

LockBit claims to have breached Agenzia Entrate

Subscribe to our newsletter



Leave a Reply

Your email address will not be published. Required fields are marked