SEP 26, 2018
(COLUMBIA, S.C.) - Sept. 26, 2018 - Attorney General Alan Wilson announced that he, along with the other 49 states and the District of Columbia, has reached an agreement with California-based ride-sharing company Uber Technologies, Inc. (Uber) to address the company’s one-year delay in reporting a data breach to its affected drivers.
Uber learned in November 2016 that hackers had gained access to some personal information that Uber maintains about its drivers, including drivers’ license information pertaining to approximately 600,000 drivers nationwide. Uber tracked down the hackers and obtained assurances that the hackers deleted the information. However, even though some of that information, namely drivers’ license numbers for Uber drivers, triggered South Carolina law requiring them to notify affected South Carolina residents, Uber failed to report the breach in a timely manner, waiting until November 2017 to report it.
“South Carolina’s law requiring companies to report data breaches is there to protect our people and clearly Uber didn’t comply with that law,” Attorney General Wilson said. “I’m glad the company has agreed to this settlement and will take steps to make sure this doesn’t happen again.”
As part of the nationwide settlement, Uber has agreed to pay $148 million to the states. South Carolina's share will be $1,203,386.93. There were 5,163 Uber drivers affected in South Carolina. In addition, Uber has agreed to strengthen its corporate governance and data security practices to help prevent a similar occurrence in the future.
The settlement between the state of South Carolina and Uber requires the company to:
All 50 states and the District of Columbia are participating in this multistate agreement with Uber.
For media inquiries please contact Robert Kittle, [email protected] or 803-734-3670
Media Contact