Uber Agrees to Pay Florida $8.2 Million to Settle Large Data Breach Lawsuit

According to reporting from the Miami Herald, the State of Florida will receive $8.2 million as part of the nearly $150 million settlement that Uber reached with the 50 U.S. states. Uber is making these payments to settle a data breach claim that the individual states brought collectively against the ridesharing giant.

The data breach itself occurred in the fall of 2016. At that time, hackers stole sensitive personal information about Uber drivers from the company’s servers. It took Uber until November of 2017 — approximately one year — to disclose the breach to the affected parties. In fact, the company paid the hackers $100,000 to remain quiet and ‘destroy’ the compromised data.

In this case, Uber violated one the key rules of dealing with a data breach: disclosure is crucial. Here, our top-rated West Palm Beach business law attorneys highlight the four steps you should take if your company experienced a data breach and sensitive customer or employee information was compromised.

Dealing With a Data Breach: Four Steps for Businesses 

1. Conduct an Immediate Assessment
   

As soon as you are aware that a data breach has occurred at your company, it is imperative that you conduct an in-depth assessment of the situation. You need to identify the extent of the damage as well as what is at risk. Only when you fully understand what you are dealing with will you be able to take the proper steps to rectify the situation and protect your company, your employees, and your customers. Do not hesitate to seek professional guidance.

2. Take Action to Minimize Further Damage
   

Next, you need to make sure that you stop any further damage from occurring. However the breach happened, action will be required to make sure that there is no further compromising of sensitive information. This may require altering operating systems or even temporarily taking some systems offline. 

3. Document Everything
   

When dealing with a major data breach, you should document as much information as you possibly can. The more information that you have, the better off you will be. This will make it far easier to handle the problem, and to stop it from occurring again. In addition, comprehensive documentation of the data breach and your remedial actions will help provide some legal protection should you face a lawsuit. 

4. Notify All Affected Parties
   

Finally, companies should never conceal a data breach. Under Florida law, companies are legally required to make certain disclosures in the event of a data breach. Affected parties should be notified as soon as reasonably possible. You need to take quick action. If you wait too long to notify affected parties, as was the case with Uber, your company could face considerable financial penalties. Contact a lawyer immediately.

Do You Have Questions About a Data Breach?

We can help. At Pike & Lustig, LLP, our commercial law attorneys have a comprehensive understanding of Florida’s legal requirements regarding data security and data breaches. If you need legal guidance, please do not hesitate to reach out to us for immediate help. With an office in West Palm Beach, an office in Miami, and an office Palm Beach Gardens, we are well-positioned to serve companies all throughout South Florida.

Resource:

miamiherald.com/news/business/article219060400.html