The state could seek as much as $13.5 million in penalties from the ride-hailing firm for its response to the 2016 breach.

Pennsylvania Attorney General Josh Shapiro is suing Uber for taking more than a year to notify thousands of drivers in the
Keystone State that their information was stolen in 2016.

In December, it came to light that hackers in 2016 stole data pertaining to 57 million Uber riders worldwide, as well data on more
than 7 million drivers. Uber concealed the breach for more than a year.

That data breach impacted at least 13,500 Pennsylvania Uber drivers, according to Shapiro’s office. Under the Pennsylvania Breach
of Personal Information Notification Act, Uber should have notified those drivers of the breach within a “reasonable” time frame.

“Uber violated Pennsylvania law by failing to put our residents on timely notice of this massive data breach,” Shapiro said in a
statement. He noted that instead of notifying impacted riders and drivers of the incident, Uber reportedly paid a hacker to keep
it under wraps.

Shapiro called this “outrageous corporate misconduct.”

Under Pennsylvania’s data breach law, the attorney general can sue Uber for up to $1,000 for each violation. With at least 13,500
Pennsylvanians, impacted, it could seek up to $13.5 million from the ride-hailing firm.

Shapiro is one of 43 state attorneys general investigating the data breach, his office said.

The data breach came to light just a few months after Dara Khosrowshahi stepped up as the new CEO of the embattled business. In a
statement to CNET, an Uber spokesperson said the company’s new leadership “has taken a series of steps to be accountable and
respond responsibly” to the breach. “While we dispute the accuracy of some of the characterizations in the Pennsylvania Attorney
General’s lawsuit, we will continue to cooperate with them and ask only that we be treated fairly.”

From:http://www.zdnet.com/article/pennsylvania-attorney-general-sues-uber-over-delayed-data-breach-notification/

About OsMonitor:

The mission of OsMonitor is to create a Windows computer system tailored for work purposes, effectively regulating employee computer behavior. It enables employers to understand what employees are doing each day, monitoring every action, including screen activity and internet usage. Additionally, it restricts employees from engaging in specific activities such as online shopping, gaming, and the use of USB drives.

OsMonitor, designed purely as software, is remarkably user-friendly and requires no additional hardware modifications. A single management machine can oversee all employee computers. As a leading brand in employee computer monitoring software with over a decade of successful operation, OsMonitor has rapidly captured the global market with its minimal file size and excellent cost-effectiveness compared to similar software. At this moment, thousands of business computers worldwide are running OsMonitor daily.

Download OsMonitor Free Trial