Saturday, 2 December 2017

Uber Sued by Washington, Chicago, and Cook County Over 2016 Data Breach

Uber Sued by Washington, Chicago, and Cook County Over 2016 Data Breach


Uber Sued by Washington, Chicago, and Cook County Over 2016 Data Breach
Washington state sued the ride-hailing company Uberon Tuesday, saying it broke state law when it failed to notify more than 10,000 drivers that their personal information was accessed as part of a major data breach. Separately, the city of Chicago and the Cook County state's attorney are also suing Uber.
Last week, Uber acknowledged that more than a year ago, it paid hackers a $100,000 (roughly Rs. 64.4 lakhs) ransom to destroy personal data they stole concerning more than 57 million of the ride-hailing service's customers and drivers.
Several states, including Missouri, Massachusetts and New York, have opened investigations, and the city of Chicago sued Uber on Monday for failing to notify affected residents.
Washington Attorney General Bob Ferguson said that because the drivers' information that was accessed included names and license numbers, state law required Uber to notify them and his office within 45 days. Nearly 11,000 drivers in the state were affected.
"Washington law is clear: When a data breach puts people at risk, businesses must inform them," Ferguson said in a news release. "Uber's conduct has been truly stunning. There is no excuse for keeping this information from consumers."
The lawsuit seeks civil penalties in the millions of dollars. Violations carry fines of up to $2,000 (roughly Rs. 1.2 lakhs) apiece, and Ferguson said each day Uber failed to notify each customer constitutes a violation.
It also notes that Uber has run into trouble before for failing to notify users: New York fined the company $20,000 (roughly Rs. 12.8 lakhs) last year over a 2014 data breach.
Ferguson said that based on Uber's characterisation of the information hackers stole about Washington passengers, he does not believe Uber had a legal obligation to notify them.
In a statement Tuesday, Uber said it takes the matter seriously and is cooperating with regulators.
"We are committed to changing the way we do business, putting integrity at the core of every decision we make, and working hard to re-gain the trust of consumers," the statement said.
Ferguson announced the state's lawsuit hours after developments in a California court case revealed that federal prosecutors are investigating allegations that Uber deployed an espionage team to plunder trade secrets from its rivals.
That revelation prompted a delay in a high-profile trial over whether Uber stole self-driving car technology from Waymo, a Google spinoff.
Uber now faces at least four lawsuits, including three seeking class-action status, prompted by the data breach. The attorneys general of five states have launched investigations, and the Federal Trade Commission said it is closely evaluating reports of the hack.
The Chicago lawsuit alleges that Uber failed to safeguard the personal data of Illinois residents and further violated the law by withholding for an extended period of time the announcement of the data breach and concealing the hack through its ransom payment to the intruders. The lawsuit claims that Uber willfully exposed many Illinois residents to the risks of financial fraud, identity theft and tax scams.
The city seeks a declaration that Uber broke the law and a series of penalties that add up to hundreds of millions of dollars. The lawsuit asks the court to fine Uber $10,000 (roughly Rs. 6.4 lakhs) a day for every day the company failed to notify Chicago and Illinois residents of the data breach, which would amount to at least $3,650,000 (roughly Rs. 23.5 crores). Uber also faces penalties of up to $50,000 (roughly Rs. 32.2 lakhs) per individual violation, if the court finds that the company intended to defraud Illinois residents. Officials, however, do not yet know how many state residents were affected.
The lawsuit was filed on the same day that a group of four Republican senators, including Orrin G. Hatch, Utah, chairman of the Finance Committee, and John Thune, S.D., chairman of the Commerce Committee, sent a letter to Uber asking for more information about the hack. The lawmakers want to learn how Uber officials responded to the breach and the purpose of the reported payment to hackers. Sen. Mark R. Warner, D-Va., also sent a letter to Uber describing "grave concerns" over the data breach and asking for more details of what took place.

No comments:

Post a Comment

New Update

What Miley Cyrus Wrote in Her Letter to Hannah Montana

  Hannah Montana   premiered on the   Disney Channel   on March 24, 2006, meaning that yesterday was the   15th anniversary of the character...