Pennsylvania AG Demands Uber to Provide Info on Massive Security Breach

FILE PHOTO - A man arrives at the Uber offices in Queens, New York, U.S., February 2, 2017. REUTERS/Brendan McDermid/File Photo

Pennsylvania Attorney General Josh Shapiro asked Uber to provide information regarding the massive security breach that impacted millions of people worldwide.

Last week, Uber disclosed that hackers illegally accessed its users’ data stored on a third-party cloud-based service. The data breach affected 57 million people worldwide including 600,000 Uber drives in the United States.

The Pennsylvania AG’s Office through its Bureau of Consumer Protection demanded Uber to provide the following:

  1. The exact date Uber discovered the hack
  2. The number of affected drivers and riders in Pennsylvania and nationwide
  3. The specific kinds of information and data which were compromised
  4. Uber’s response to the Bureau of Consumer Protection is due December 15, 2017

The AG’s Office wants to determine if Uber violated Pennsylvania’s Breach of Personal Information Notification Act and Consumer Protection Law.

Pennsylvania AG wants to push real change in corporate behavior

In a statement, AG Shapiro said they need to force companies to change the way they do their business. If not data breaches will continue to happen, which compromises the personal and financial information of Americans.

Pennsylvania AG Josh Shapiro demands info uber security breach

He said. “We need to require change in corporate culture and put consumers’ security ahead of profits.”

In Pennsylvania, the hacking incident impacted 13,000 Uber drivers, according to the AG’s office. Uber is sending notices to Pennsylvania drivers regarding the security breach.

AG Shapiro emphasized, “Our goal is to force real change in corporate behavior.” He added that his office wants to ensure that companies like Uber take appropriate steps and utilize the best technology to protest consumers’ sensitive data.

Uber providing drivers with free credit monitoring, identity theft protection

In a statement last week, Uber CEO Dara Khosrowshani said the hackers downloaded significant amount of information including the names and driver’s license numbers. However, there is no evidence that they stole trip location history, credit card numbers, bank account numbers, date of birth, or Social Security numbers.

According to her, Uber is providing drivers with free credit monitoring and identity theft protection.  They are changing the way the company does business and putting integrity at the core of every decision.