Uber Technologies Inc. on Friday accepted the responsibility to cover up the 2016 data violations that affected 57 million passengers and drivers, as part of the settlement with the US prosecutor to avoid criminal demands.
In entering a non-prosecution agreement, Uber admitted that his personnel failed to report the November 2016 hack to the US Federal Trade Commission, even though the agency had investigated the security of the company’s data sharing.
US lawyer Stephanie Hinds in San Francisco said Uber waited for about a year to report violations, after installing a new executive leadership who “set a strong tone from above” regarding ethics and compliance.
Hinds said the decision not to demand Uber’s criminal reflects the investigation and disclosure of fast management, and the 2018 Uber Agreement with FTC to maintain a comprehensive privacy program for 20 years.
The company based in San Francisco also cooperates with the prosecution of a former head of security, Joseph Sullivan, for his alleged role in hiding hacking.
Uber did not immediately respond to a comment request.
Sullivan was originally charged in September 2020. Prosecutors said Sullivan regulated to pay a hacker $ 100,000 in Bitcoin and asked them to sign the Nondisclosure agreement which mistakenly stated that they had not stolen data.
Uber has a gift program designed to respect security researchers who report deficiencies, but not to cover up data theft.
In September 2018, Uber paid $ 148 million to complete claims by 50 US and Washington states, D.C., that it was too slow to express hacking.
Uber shares closed down 93 cents on $ 23.30 on Friday. Non-Practice Agreement was disclosed after the US market was closed.