Lawmakers sent a letter to Dara Khosrowshahi, the chief executive of Uber, saying that the data breach, which the company paid hackers to cover up for about a year, “merits further scrutiny.”
According to a news report in CNBC citing a group of senators, the lawmakers want more information on when the incident happened, the employees who were involved and the actions taken afterwards.
“The nature of the information currently acknowledged to have been compromised, together with the allegation that the company concealed the breach without notifying affected drivers and consumers and prior privacy concerns at Uber makes this a serious incident that merits further scrutiny,” the senators wrote.
The lawmakers who signed that letter include John Thune, chairman of the Commerce Committee; Orrin Hatch, chairman of the Finance Committee; Jerry Moran, chairman of the Commerce Subcommittee for Consumer Protection, Product Safety, Insurance and Data Security; and Bill Cassidy, chairman of the Social Security Subcommittee. Senator Mark Warner, who is part of the Senate Intelligence Committee, also sent Uber a letter saying the conduct in the wake of the hack “raises serious questions about the company’s compliance with relevant state and federal regulations.”
It took more than a year for Uber to disclose the massive data breach, which exposed the names, email addresses and phone numbers of millions of passengers, as well as 600,000 drivers’ license numbers. To make matters worse, the company paid a $100,000 ransom to the hackers in exchange for deleting the stolen data and hiding the theft of the personal information of 57 million customers and drivers.
In addition to the lawmakers’ questions, Uber faces at least three potential class-action lawsuits. According to The Wall Street Journal, Uber is also under investigation by the attorneys general of New York, Missouri, Massachusetts, Connecticut and Illinois.