(Courtesy photo)

(Courtesy photo)

Uber broke California law by concealing massive data hack, L.A. city attorney says

For more than a year, Uber Technologies Inc. concealed a massive hack that exposed the personal data of millions of drivers and riders, violating a California law that requires companies to promptly report such breaches, according to a lawsuit filed Monday by Los Angeles City Attorney Mike Feuer.

In October 2016, hackers stole the names, cellphone numbers and email addresses of more than 57 million riders across the world, as well as driver’s license numbers for 600,000 Uber drivers in the United States. Uber disclosed the hack last month.

Feuer filed the lawsuit in Los Angeles County Superior Court on behalf of California residents. The case will focus on Uber’s failure to disclose the data breach to Uber’s California drivers, he said.

California law requires companies to report hacks “in the most expedient time possible” and “without unreasonable delay” when some forms of personal data, including driver’s license numbers, are compromised. The law is designed to help consumers fight identity theft.

Instead, Uber paid the hackers $100,000 to destroy the data, pressured them to sign nondisclosure agreements, and portrayed the ransom as a payment to test the vulnerabilities of the company’s data security systems, according to the lawsuit.

“We’re taking action because we believe very strongly in the importance of protecting consumers,” Feuer said Monday at a news conference at Los Angeles City Hall.

Feuer said he doesn’t yet know how many drivers in California were affected in Uber’s lawsuit.

The lawsuit seeks $2,500 for each violation of the law. Any payments would be shared between the city and the county of Los Angeles, and would be spent on consumer protection efforts, Feuer said.

In a statement, an Uber spokesperson said the company is happy to address regulators’ questions, and is “committed to changing the way we do business, putting integrity at the core of every decision we make, and working hard to regain the trust of consumers.”

In January 2016, Uber paid a $20,000 fine to the New York attorney general for failing to promptly report a separate data breach in 2014. That previous disclosure, Monday’s lawsuit said, makes the company’s “gross conduct … even more alarming.”
California

Just Posted

National Weather Service flood watch in the San Francisco Bay Area for Sunday, Oct. 24, 2021. (National Weather Service via Bay City News)
Storm pounds Bay Area, leaving over 145,000 without power: Closures and updates

Torrential rainfall causes flooding, triggers evacuations in burn areas

On Sunday, California bore the brunt of what meteorologists referred to as a bomb cyclone and an atmospheric river, a convergence of storms that brought more than half a foot of rain to parts of the Bay Area, along with high winds, concerns about flash floods and the potential for heavy snow in the Sierra Nevada. Much of the Bay Area was under a flash flood watch on Sunday, with the National Weather Service warning of the potential for mudslides across the region. (NOAA via The New York Times)
Plan Bay Area 2050 is an expansive plan guiding the region’s growth and development over the next three decades. The regional plan addresses progressive policy priorities like a universal basic income and a region-wide rent cap, alongside massive new spending on affordable housing and transportation infrastructure. (Shutterstock)
Plan Bay Area 2050: Analyzing an extensive regional plan that covers the next 30 years

Here are the big ticket proposals in the $1.4 trillion proposal

A collaborative workspace for a decentralized autonomous organization (DAO) in Coordinape is pictured at a recent blockchain meet up at Atlas Cafe. <ins>(Kevin N. Hume/The Examiner)</ins>
Business without bosses: San Francisco innovators battle bureaucracy with blockchain

‘The next generation will work for three DAOs at the same time’

Most Read