Uber continues to be haunted by mistakes it made while Travis Kalanick was at the helm.
Chicago has filed a lawsuit on behalf of Illinois residents against Uber for skirting its legal obligation to disclose a 2016 data breach impacting 57 million users, according to Recorder. The ride hailing company paid the hackers $100,000 and had them sign a non-disclosure agreement to keep the incident under wraps.
The city alleges in its lawsuit that, in addition to concealing the breach, Uber failed to follow through on promises, which Chicago says could have prevented it.
“After the details of Uber’s May 12, 2014 data breach were revealed to the public, Uber was investigated by a number of state and federal regulators that were concerned about its inadequate data security practices,” the suit reads. “Uber ultimately promised to bolster its data security policies by, inter alia, adopting protective technologies for the storage, access, and transfer of private information … less than a year later the same failures led to a breach that was one thousand times worse.”
The hackers accessed 50 million riders, and 7 million drivers’ personal information — including roughly 600,000 United States drivers’ license numbers.
The breach and subsequent coverup both unsurprisingly happened during Kalanick’s tenure as CEO. Kalanick, Uber’s founder, was forced out of his position in June due to a laundry list of scandals.
“We take this matter very seriously and we are happy to answer any questions regulators may have,” an Uber spokesperson told Recoder. “We are committed to changing the way we do business, putting integrity at the core of every decision we make, and working hard to re-gain the trust of consumers.”
Chicago is requesting that Uber face a $50,000 fine for violating the Illinois Consumer Fraud Act, as well as a $10,000 for each day that it violated Illinois’ ordinance on the disclosure of information.