Uber has had its history of complaints, fines, and lawsuits. From your basic overcharge to being penalized for hiring unqualified drivers, the trendy company has had its bouts in the court of public and legal opinion. Yesterday, the Pennsylvania Attorney General, Josh Shapiro, filed a lawsuit against the corporation. The lawsuit alleges that the riding service did not alert PA officials of a massive data breach with diligence. In the press release, Shapiro states:
“Uber violated Pennsylvania law by failing to put our residents on timely notice of this massive data breach…Instead of notifying impacted consumers of the breach within a reasonable amount of time, Uber hid the incident for over a year — and actually paid the hackers to delete the data and stay quiet.”
Uber suffered a major hack in 2016 and didn’t notify the populace until over a calendar year later. The company then attempted to cover up the attack according to Shapiro: “When it learned about the 2016 data breach, Uber did not notify law enforcement authorities or consumers about the breach. Instead, Uber paid the hackers at least $100,000 to delete the acquired consumer data and keep quiet about the breach.”
The security breach fringed on 25 million users in the United States, about a quarter of which drove for the company. According to the release about 13,500 PA drivers information was seized in the attack. The information includes driver’s license numbers, names, addresses, and more. Shapiro called the ordeal an “[o]utrageous corporate misconduct.” Shapiro will attempt to sue for $1,000 for each infraction. The sum tallying up to 13.5 million dollars in total.
The Pennsylvania Attorney General is also urging drivers who believe they may have been compromised to call the Bureau of Protection at 1-800-441-2555 or email them at firstname.lastname@example.org. They also alert PA citizens to monitor their credit reports to protect them from future violations.