Photo courtesy of Uber.

Attorney General Maura Healey announced a $148 million national settlement with Uber Wednesday over the company’s failure to promptly report a 2016 data breach that compromised the names, email addresses and cell phone numbers of 57 million users and the driver’s licenses of 600,000 drivers.  

Healey led a coalition of attorneys general from all 50 states and the District of Columbia in reaching the settlements that will pay $6.5 million into the Massachusetts General Fund and $600,000 to assist consumers and businesses and fund programs to protect victims of data breaches.  

“Uber failed to immediately report this data breach and tried to pay hush money to hackers,” Healey said in a statement. “This settlement should be a lesson to other businesses that consumers have a right to know when their personal information has been compromised.”  

Suffolk Superior Court must approve the settlement, which also requires Uber to follow state data breach and consumer protection laws and take steps to ensure the safeguarding of consumer and Uber driver personal information.  

In her complaint, Healey accused Uber of trying to cover up the data breach at the direction of its top executives by paying the hackers $100,000 in exchange for a non-disclosure agreement. Uber did not report the breach or notify its users and drivers until a year after the incident. 

Uber to Pay $148M in National Data Breach Settlement

by State House News Service time to read: 1 min