Challenged on Monday by US senators to explain its failure to report that it had allowed hackers to grab records on 57 million customers and drivers and then paid hush money in an attempted year-long coverup, Uber has been presented with its second state-backed lawsuit for not alerting authorities to the pilfering.
The first such suit arrived on Monday, from the State of Illinois and the City of Chicago, featuring a chiding from Chicago Mayor Rahm Emanuel: “The City of Chicago will not tolerate these kinds of irresponsible practices, which is why we are taking legal action to hold Uber accountable for their reckless actions.”
The second landed Tuesday, from the State of Washington, where the state’s IT security breach law requires notification of consumers within 45 days and, if more than 500 state residents are implicated, notification of the state Attorney General. Uber, apparently, did neither: it sat on its hands for a year until the lid was blown on the coverup.
Washington’s complaint, filed in King County Superior Court, claimed the hacking exposed data for an undisclosed number of customers and at least 10,888 drivers in Washington, and that Uber failed to say anything in a timely manner.
In a statement, Washington Attorney General Bob Ferguson said the law is clear that businesses must inform people put at risk by a computer security breach. “Uber’s conduct has been truly stunning,” he said. “There is no excuse for keeping this information from consumers.”
打击猖獗的商业间谍活动
The complaint asks the court to assess damages of up to $2,000 per affected individual, which could amount to $20m for drivers alone.
As a point of reference, Uber lost about $2.8bn last year, according to Bloomberg. Even so, despite the San Francisco upstart’s bottomless well of scandals, reports this year suggest losses have been narrowing and ride bookings have been rising.
Uber’s reputation for flouting laws has turned the taxi-app biz into a legal punching bag. Also on Tuesday, the judge hearing Google’s trade secret lawsuit against Uber delayed the pending trial after evidence emerged the company had operated a secret unit explicitly for stealing trade secrets.
信息安全的最弱环节,一些观点:受信任员工和转岗员工可能引起的安全风险可能大于离职员工;年轻的“数码一代”缺乏知识产权和安全保密意识;密码重置机制可能比密码更脆弱。
As a measure of its alleged malfeasance, Uber has been sued almost 80 times in US civil court so far this year. And there may be more lawsuits coming from other states, given that almost all have some form of data breach notification requirement.
Uber did not respond to a request for comment.
In its breach disclosure and apology last week, CEO Dara Khosrowshahi said Uber will learn from its mistakes. The ride hailing biz may also contribute to the career advancement of a significant number of lawyers. ®
组织也应该从中吸取微博泄密的教训,制定好保密内容的范围,教育好员工哪些内容可以、哪些不可以在论坛、博客和社交网络上张贴。

猜您喜欢

提升信息安全意识 加强网络安全宣传 有效防范勒索软件
保密知识课堂
Cyber Security Law 网络安全法宣传视频系列001
驻日美军30架舰载机移驻岩国基地
BG360 ONTHEROCKSVILLA
海外风险与安全基础知识,海外留学或移民需知,出国前的必修课: