Uber Settles Data Breach by Paying $148m

Oct 1, 2018

Uber, the peer-to-peer ridesharing, taxi cab, food delivery, bicycle-sharing and transportation network company, has settled a fine of $148m in relation to a 2016 cyber-attack that exposed data from 57 million customers and drivers.

The payment settles the legal action taken by the US government, and 50 states, in relation to Uber’s attempts to hide the specific details of the data breach. Following the breach, Uber made significant efforts to keep the details of it hidden from data regulators. Those responsible for the hacking attack were paid $100,000 by Uber to erase the data they obtained from the cloud servers that were breached.

In November 2017 Uber released some details in relation to the breach and accepted that it should have shared more specific details in relation to the cyberattack. Uber Chief Executive Officer Dara Khosrowshahi released a statement that said: “None of this should have happened, and I will not make excuses for it”.

As part of the response, two Uber security officials were fired for the way in which they handled the incident. The data breached included personal data from 57 million Uber accounts, which incorporated 600,000 driving licence numbers. Other legal actions over the breach, submitted by affected drivers, Uber customers and the governing authorities in the cities of Los Angeles and Chicago, are ongoing.

Uber’s Chief Legal Officer Tony West said in a statement: “We know that earning the trust of our customers and the regulators we work with globally is no easy feat. We’ll continue to invest in protections to keep our customers and their data safe and secure, and we’re committed to maintaining a constructive and collaborative relationship with governments around the world.”

As well as paying the fine, Uber has also pledged to change how it operates, to prevent it falling victim in the same way again. It will also be required to submit regular reports on security incidents to regulators.

As long as companies fail to address flaws in their cybersecurity policies, and in the processes that they follow in the unfortunate event of a private data breach, fines of this nature are going to continue increasing.

 


Ryan Coyne
