San Francisco (Reuters) – Uber Technologies Inc has settled with the top legal officers in all 50 U.S. states over a massive data breach that the company failed to disclose in 2016, resolving one of the more catastrophic embarrassments that have engulfed the ride-hailing company over the last couple of years.
State attorneys general said on Wednesday that Uber will pay a fine of $148 million, to be distributed in varying amounts across the states and Washington, D.C..
The settlement follows a 10-month investigation into a data breach that exposed personal data from around 57 million accounts, including 600,000 driver’s license numbers. The terms also include changes to Uber’s business practices to prevent future breaches and to reform its corporate culture.
“We know that earning the trust of our customers and the regulators we work with globally is no easy feat,” said Uber Chief Legal Officer Tony West. “We’ll continue to invest in protections to keep our customers and their data safe and secure, and we’re committed to maintaining a constructive and collaborative relationship with governments around the world.”