Uber has agreed to an updated settlement with the Federal Trade Commission (FTC). The organization was charged last year for deceiving customers with its privacy and data security practices. The new settlement considers Uber’s massive 2016 data breach. In the original settlement, the FTC reported that Uber failed to live up to its claims that it closely monitored employees’ access to rider and driver data. Additionally, it failed to live up to that it implemented measures to secure personal data on the third-party cloud servers. After the original settlement, FTC learned that Uber failed to disclose a breach of user data. As a result, FTC updated its complaint to note that Uber knew about the breach and paid the attackers $100,000 through a “bug bounty program” to keep things quiet. In the new agreement, Uber is required to disclose future incidents involving consumer data and all reports from required third-party audits of its privacy program.
https://www.darkreading.com/attacks-breaches/uber-agrees-to-new-ftc-settlement-over-2016-breach-disclosure/d/d-id/1331525
Leave a Reply
You must be logged in to post a comment.