Uber sued for negligence after disclosing massive data breach


Uber Technologies Inc. was sued for negligence hours after it disclosed that customers and drivers’ personal data was hacked over a year ago.

“Uber failed to implement and maintain reasonable security procedures and practices appropriate to the nature and scope of the information compromised in the data breach,” according to the complaint filed Tuesday in federal court in Los Angeles.

The lawsuit seeks to represent all Uber drivers and customers in the U.S. whose information was stolen.

Representatives of the San Francisco-based company didn’t immediately respond to a request for comment on the lawsuit.

Compromised data from the October 2016 attack included names, email addresses and phone numbers of 50 million Uber riders around the world, the company told Bloomberg on Tuesday. The personal information of about 7 million drivers was accessed as well, including some 600,000 U.S. driver’s license numbers. No Social Security numbers, credit card information, trip location details or other data were taken, Uber said.

The case is Flores v. Rasier LLC, 17-cv-08503, U.S. District Court, Central District of California (Los Angeles).