Uber Paid Hackers 100K In Hush Money. Now Must Pay $148 Million To US States


Daily Caller News Foundation logo
Grace Carr Reporter
Font Size:

Uber Technologies, Inc. has agreed to pay $148 million in a nation-wide settlement compensating for its year-long failure to report a data breach affecting roughly 57 million drivers and customers.

All 50 U.S. states and the District of Columbia have entered into the multi-state settlement agreement with the ride-sharing company after hackers accessed 607,000 driver’s license numbers along with the email address and phone numbers of many Uber customers, Bloomberg reported Wednesday.

“Failing to report data breaches as soon as possible can harm consumers,” Attorney Tom General Miller said, according to a Wednesday news release. “If notified, consumers can take actions such as monitoring and freezing their credit reports to prevent identity theft.” Iowa will receive $612,950.24 that will go to the state’s Consumer Education and Litigation Fund. Miller also levied a lawsuit against Uber alleging it violated Iowa’s Consumer Fraud Act.

The sum is the largest data-breach settlement in history, according to Bloomberg.

The payout comes after the ride-sharing company allegedly sought to cover up the massive security breach in 2016 by paying hackers $100,000. Uber paid the hush money in hopes that hackers would delete the stolen data, allowing the company to sweep the security lapse under the rug.

Uber told its customers about the hack in 2015, but shared only that 50,000 drivers licenses had been compromised. (RELATED: Experts Say Uber Needs To Regain Public Trust After Data Breach Cover-Up)

“None of this should have happened, and I will not make excuses for it,” Uber CEO Dara Khosrowshahi, said in a statement, Bloomberg reported. Khosrowshahi replaced Travis Kalanick who resigned as Uber CEO in June 2017.

“I’m pleased that we’ve reached an agreement with the attorneys general of all 50 states and the District of Columbia,” Uber’s chief legal officer Tony West wrote in a Wednesday statement. “We’ll continue to invest in protections to keep our customers and their data safe and secure.”

Follow Grace on Twitter.

All content created by the Daily Caller News Foundation, an independent and nonpartisan newswire service, is available without charge to any legitimate news publisher that can provide a large audience. All republished articles must include our logo, our reporter’s byline and their DCNF affiliation. For any questions about our guidelines or partnering with us, please contact