Uber admits covering up 2016 data breach

As part of a settlement agreement, Uber has admitted to covering a 2016 data breach that affected 57 million passengers and drivers.

The company is also cooperating with the prosecution of former security chief Joseph Sullivan for his alleged role in covering up the attack.

U.S. Attorney Stephanie Hinds said Uber waited about a year before reporting the breach after a new executive “established a strong tone from the top” regarding compliance.

Hinds said that the decision not to prosecute Uber for late disclosure was based on the swift investigation and disclosures from the new management. The decision was also reached due to Uber’s agreement with the Federal Trade Commission (FTC) in 2018 to maintain a comprehensive data protection program for 20 years.

Uber paid a C$148 million settlement fee to all 50 states and Washington D.C. in 2018 for the company’s decision to cover up the data breach.

Uber’s security chief Sullivan was indicted for his role in covering up the attack, with prosecutors accusing Sullivan of agreeing to pay the hackers C$100,000 in bitcoin and ensuring they sign nondisclosure agreements falsely stating they had not stolen data.

The sources for this piece include an article in Reuters.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web