BALTIMORE, MD (September 26, 2018) - Maryland Attorney General Brian E. Frosh today announced a multistate settlement with California-based ride-sharing company Uber Technologies, Inc. (Uber) to address the company’s one-year delay in reporting a data breach involving the personal information of its drivers.
Uber learned in November 2016 that hackers had gained access to personal information that Uber maintains about its drivers, including the driver’s license information of approximately 600,000 drivers nationwide. Uber tracked down the hackers, and the states allege that Uber negotiated a deal in which Uber paid the hackers to delete the information and to not to disclose that the breach had ever occurred. Uber did not report the breach until November 2017, despite Maryland law requiring prompt breach notification to be provided to both affected individuals and the Attorney General.
“When personal information gets into the wrong hands because of a data breach, the chances of becoming a victim of identity greatly increase,” said Attorney General Frosh. “A one year delay in reporting a data breach makes the danger even greater for the victims.”
Read more in the full press release:http://www.marylandattorneygeneral.gov/press/2018/092618.pdf