Uber and FTC Reach Agreement on Expanded Settlement for 2016 Data Breach


[H]F Junkie
Apr 25, 2001
Uber and the FTC have agreed on an expanded settlement over the 2016 data breach of millions of customers information. The FTC claims Uber mislead their customers about their privacy and security practices and then hid the 2016 data breach from the FTC. Not a good idea to hide a data breach when you're being investigated for a previous one. The new agreement requires Uber to notify the FTC of future breaches and to refrain from further misleading conduct. The penalties for failure to abide by the new agreement includes civil penalties for non-compliance.

"After misleading consumers about its privacy and security practices, Uber compounded its misconduct by failing to inform the Commission that it suffered another data breach in 2016 while the Commission was investigating the company's strikingly similar 2014 breach," said Acting FTC Chairman Maureen K. Ohlhausen in a statement. "The strengthened provisions of the expanded settlement are designed to ensure that Uber does not engage in similar misconduct in the future."