Illinois will share in a nationwide $148 million settlement with ride-hailing company Uber over a data breach affecting about 600,000 drivers.
The settlement brings Illinois $8.5 million; that will fund payments of $100 to each affected driver. The company had learned in November 2016 that hackers had accessed drivers’ personal information, but Uber didn’t report that breach in a timely manner, according to a news release announcing the settlement issued by the Illinois attorney general’s office.
As part of the deal, Uber also said it would strengthen its data security, including hiring an outside party to assess procedures and recommend improvements.
The company “completely disregarded Illinois’ breach notification law when it waited more than a year to alert people,” Attorney General Lisa Madigan was quoted as saying in a news release. Calling Uber’s response “unacceptable,” she added: “Companies cannot hide when they break the law.”