Published: Thu, November 30, 2017
Science | By Eileen Rhodes

LTFRB sets probe into Uber data breach

LTFRB sets probe into Uber data breach

According to Uber, the 2.7 million figure is "approximate rather than an accurate and definitive account" - this is because the information gathered by the firm's app does not always specify where users live.

It was reported recently that Uber discovered that it suffered a major data breach in 2016.

Hackers stole names, email addresses, and phone numbers of Uber's riders and drivers in October 2016.

"Washington law is clear: When a data breach puts people at risk, businesses must inform them", Ferguson said in a statement on Tuesday. With investigations under way by the attorneys general of Connecticut, Illinois, Massachusetts, Missouri, New Mexico, and NY, there will likely be more on this front soon.

"It is always the company's responsibility to identify when United Kingdom citizens have been affected as part of a data breach and to take steps to reduce any harm to consumers, and it is welcome Uber has done this".

The firm has said it has a total of five million active users and 50,000 drivers in the UK.

More news: Egypt Air 777 and Virgin A330 minor collision at JFK

Had the incident taken place after the introduction of the EU's General Data Protection Regulations (GDPR) next May, the penalties could have been more severe. "Consumers expect and deserve protection from disclosure of their personal information".

Uber has been forced to quit several countries, including Denmark and Hungary, and faced regulatory battles in multiple USA states and around the world. With the announcement, San Francisco-based Uber said it concealed the breach for a year after paying $100,000 in ransom for the stolen information to be destroyed.

When news of the breach was revealed last week, chief executive Dara Khosrowshahi said, "None of this should have happened, and I will not make excuses for it".

Representatives of the authorities met in Brussels today to go over information Uber provided since the breach became public.

"Defendant's conduct is made more egregious by the fact that Uber paid the hackers to delete the personal information and keep quiet about the breach", Ferguson wrote in the lawsuit, filed in King County Superior Court.

"We have seen no evidence of fraud or misuse tied to the incident".

Like this: