By Brendon Kleen | Phoenix Business Journal
Uber Technologies, Inc. will pay $148 million in total across all 50 states in a settlement over the ride-sharing company’s delay in reporting a data breach among its drivers, with Arizona receiving $2.7 million, according to Arizona Attorney General Mark Brnovich.
The company waited until November 2017 to report a data breach from November 2016 that led to hackers gaining access to the personal information of more than 600,000 drivers nationwide. Failing to report the breach in a timely manner is a violation of Arizona law.
A statement from the attorney general said the state would give $100 to each of the drivers in Arizona as part of the settlement, to be handed out by a retained settlement administrator. In addition, Uber will be required to “comply with Arizona data-breach and consumer-protection law regarding residents’ personal information and notify residents in the event of a data breach concerning their personal information.”
The company also agreed to strengthen its corporate governance and data-security practices as part of the overall settlement.