- U.S. senators said Monday that they needed more information on the timeline of Uber’s data breach and the employees involved.
- On Nov. 21, Uber CEO Dara Khosrowshahi said that hackers stole data from 57 million Uber users and drivers.
- Uber paid hackers $100,000 to delete the data and keep the breach under wraps, and the company did not report the incident.
A group of U.S. senators sent a letter to Uber’s CEO on Monday saying the company’s recently revealed data breach “merits further scrutiny.”
Hackers stole data from 57 million Uber drivers and users, Chief Executive Dara Khosrowshahi revealed on Nov. 21. Uber paid hackers $100,000 to delete the data and keep the breach under wraps, and the company did not report the incident for more than a year.
Khosrowshahi, who was not employed at Uber when the breach occurred in 2016, has offered affected drivers free credit monitoring and identity theft protection. The company also fired Chief Security Officer Joe Sullivan.
Lawmakers said Monday that they need more information on the timeline of the incident and the employees involved.
“[T]he nature of the information currently acknowledged to have been compromised, together with the allegation that the company concealed the breach without notifying affected drivers and consumers, and prior privacy concerns at Uber, makes this a serious incident that merits further scrutiny,” the senators wrote.
John Thune, R-S.D., chairman of the Commerce Committee, and Orrin Hatch, R-Utah, chairman of the Finance Committee, signed the letter, as did Consumer Protection Subcommittee Chairman Jerry Moran, R-Kan., and Social Security Subcommittee Chairman Bill Cassidy, R-La.
Separately, Sen. Mark Warner, D-Va., who serves on the Senate Intelligence Committee, also sent a letter to Uber, saying the company’s conduct “raises serious questions about the company’s compliance with relevant state and federal regulations.”
Uber said it is cooperating with the Senate committees.