Uber has agreed to pay $148m to settle claims related to its 2016 large-scale breach which saw more than 25 million US users' personal information exposed.
The data breach, which only came to the public's awareness a full year after the incident following Uber's failure to disclose it, saw hackers obtain 607,000 US drivers' licenses, as well as millions of other personal details such as email addresses and phone numbers.
Bloomberg News revealed in 2017 that then Uber CEO Travis Kalanick had been informed of the breach which resulted in the theft of personal data from 57 million global Uber customers. However, instead of informing the necessary authorities, Kalanick opted to pay the hackers $100,000 to delete all the data they had stolen and keep it quiet.
Visit Innovation Enterprise's Chief Data Officer Summit, part of DATAx New York on December 12–13, 2018
This has resulted in the largest fine associated to a data breach in US history. Government officials had stated their intent to take a much harder stance on tech companies who behave recklessly by pursuing profit rather than ensure the safety of their customers' data.
Following the settlement, New York State attorney general Barbara Underwood said in a statement: "This record settlement should send a clear message: We have zero tolerance for those who skirt the law and leave consumer and employee information vulnerable to exploitation."