Chicago has recently filed a lawsuit against Uber for paying a team of hackers $100,000 to delete stolen data on 57 million riders and drivers worldwide. In the 10-26-2016 breach, seven million U.S. drivers got their data compromised.
The data breach was kept a secret for more than a year even though the company’s founder Travis Kalanick first learned about it in November 2016. Last week, Illinois attorney general’s office said they launched a probe into the matter.
Instead of notifying authorities and affected users about the massive data leak, Uber decided to pay the two hackers hush money and sweep the entire thing under the carpet. The hackers reportedly agreed to sign non-disclosure agreements.
Chicago also accuses the company of failing to address the cyber vulnerabilities that lead to the attack in due time. The said vulnerabilities had enabled another data breach to occur in 2014.
According to court documents, authorities are concerned about Uber’s shady “data security practices”. Even though Uber had promised to address the vulnerabilities after the 2014 hack, the same failures resulted in another cyber-attack that was “1,000 times worse,” the suit alleges.
Chicago Wants Uber to Pay for the Breach
The municipality is suing the taxi-app firm on behalf of all state residents, asking for monetary compensation. Chicago wants Uber to pay $10,000 for each day that it had failed to comply with the state laws on public info disclosure.
Chicago also wants Uber to pay a $50,000 fine for defrauding consumers.
Connecticut, New York, Missouri, and Massachusetts all said that they started separate investigations into the Uber hack. Hackers gained access to millions of consumers’ e-mails, names, and telephone numbers. Around 600,000 driver’s license numbers were compromised in the attack.
Meanwhile, Congress is questioning the company on the timing of the disclosure of the hack. Some congressmen want a complete timeline of what the firm had known about the attack before the public.
Image Source: Maxpixel