Uber Technologies Inc. has agreed to pay 148 million U.S. dollars for the company's one-year delay in reporting a data breach affecting some 600,000 American drivers.
Attorney General of Illinois Lisa Madigan announced the settlement on Wednesday between the California-based ride-sharing company and all 50 U.S. states and the District of Columbia.
Uber learned in November 2016 that hackers had gained access to personal information that Uber maintains about its drivers, including drivers' license information.
"Uber completely disregarded Illinois' breach notification law when it waited more than a year to alert people to a serious data breach," Madigan said.
"While Uber is now taking the appropriate steps to protect the data of its drivers in Illinois and across the country, the company's initial response was unacceptable. Companies cannot hide when they break the law," she added.
As part of the nationwide settlement, Illinois will receive nearly 8.5 million U.S. dollars. Madigan's office will provide 100 dollars of payment to each Illinois Uber driver whose information was accessed during the 2016 breach, though some of those drivers may no longer be driving for Uber.
In addition, Uber has agreed to strengthen its data security practices and corporate governance to help prevent a similar occurrence in the future.
Latest comments