Uber To Pay $20,000 For Information Breach

Posted: Jan 7 2016, 8:27am CST | by , in News | Latest Business News


Uber to Pay $20,000 For Information Breach
Photo Credit: Getty Images

Snag-a-ride giant Uber has agreed to pay a $20,000 fine in a settlement dating back to 2014 with New York Attorney General Eric T. Schneiderman. The penalty comes after the company failed to inform drivers of a data breach with their personal information in a timely manner.

The company, who is currently facing more and more competition from other services, also agreed that they would tighten employee access to the geo-location of their passengers. This comes after a report that the company's executives were given an aerial "God View" of that information.

Uber notified the Attorney General's office on February 26, 2015 that the names and license numbers of drivers were being accessed by an unauthorized third party in a data breach that was discovered around September 2014. The fine, according to Computer World, was because the company did not provide information to either the drivers or the attorney general's office in a timely manner.

According to the report from the Attorney General, an Uber worker posted an access ID for Uber's cloud storage on Github.com in early 2014. Around May 12, 2014, someone who was not linked to Uber was able to gain access to the database and get the information.

This isn't the first time Uber has run into problems. In 2014, BuzzFeed reported that an Uber executive used God View to track the ride of a reporter, without his permission. The controversy was one of the main reasons that U.S. Senator Al Franken and the entire Senate Subcommittee on Privacy, Technology, and the Law to look into some of Uber's privacy policies.

Schneiderman started his investigation in November 2014, which also included how Uber handles customer information like names, phone numbers, email addresses, and payment information.

"Uber also collects the geographic location of riders and drivers in real time," according to the statement from Schneiderman's office. But Uber has now agreed under the settlement "to maintain and store GPS-based location information in a password-protected environment, and encrypt the information when in transit."

The company has said that they will also take measures to limit the access to geo-location information that certain employees have access to through business controls.

You May Like


The Author

<a href="/latest_stories/all/all/46" rel="author">Noel Diem</a>
Noel passion is to write about geek culture.




Leave a Comment

Share this Story

Follow Us
Follow I4U News on Twitter
Follow I4U News on Facebook

You Also Like


Read the Latest from I4U News