Uber Settles Data Breach Lawsuit with 50 States for $148 Million


Fully [H]
Apr 10, 2003
Uber has reached a $148 million settlement with state attorneys general in all 50 states with varying amounts being distributed to each state. The legal matter that was settled was in reference to the 2016 data breach in which Uber failed to notify the 57 million customers affected by it for over a year. The stolen customer data affected the citizens of various countries and included 600,000 driver's license numbers. Uber violated numerous data breach reporting and data security laws with the cover-up and still faces multiple lawsuits from customers and cities related to the data breach. Uber even paid the hacker to keep the data breach a secret.

The settlement terms include changes to Uber's business practices aimed at preventing future breaches and reforming its corporate culture. Uber will be required to report any data security incidents to states on a quarterly basis for the next two years, and implement a comprehensive information security program overseen by an executive officer who advises executive staff and Uber's board of directors.
So...50 state attorneys (and one hacker) can now afford their own limo service and not be at the mercy of some lowest bidder driving a used prius. Drive-Thru Justice is served.
Let's see, 57 million customers get screwed and the 50 states get paid the money to piss away? Makes sense. :rolleyes:

Pretty much.

Many complaints/fines work like this and they rarely get passed back to the complaining parties.
So roughly $3 per un-notified customer? Imagine the fine if identity theft victims received a similar payout as the xxAA groups claim they are due for pirated movies and songs?