The breach took place in October 2016 and the leaked data includes names, email addresses and mobile phone numbers that related to Uber accounts.
The case was filed against Uber for violating Pennsylvania’s data breach notification law. More than 13,500 Pennsylvania Uber drivers were affected by the breach.
“Uber violated Pennsylvania law by failing to put our residents on timely notice of this data breach,” Attorney General Josh Shapiro said. Uber tried to hide the incident by paying to hacker instead of notifying to the customer about the incident.
“The Pennsylvania Attorney General’s case against Uber was settled as part of the national settlement announced today, which will require to pay $148 million to the 51 participating Attorneys General and Uber drivers.” reads the press release.
In addition to the settlement agreed to take precautions to protect any user data, strong password policies, to deploy overall data security policy, third-party to asses Uber’s data security efforts and to implement corporate integrity program.
Things Need to follow post-Data Breach
If you are a customer of an organization, that has suffered a data breach, you would need to know the steps to mitigate the effect of the data breach and do it quickly.
These steps will differ, based on the situation surrounding the breach and the vulnerability of the stolen information. Importantly, consider the current situation:
- Verify that the breach has taken place, affecting your data
- What kind of data breach has taken place?
- Was your data or credentials affected in the data breach?
- Has any data concerning your personal information been stolen, or is the breach more constrained?
- Do you have proof that the cybercriminals have done anything with your personal data, such as used it to carry out identity theft?