{"id":344,"date":"2017-11-29T11:22:40","date_gmt":"2017-11-29T16:22:40","guid":{"rendered":"https:\/\/www.amp.legal\/blog\/?p=344"},"modified":"2022-08-05T10:37:38","modified_gmt":"2022-08-05T14:37:38","slug":"ftc-issues-consent-order-to-uber","status":"publish","type":"post","link":"https:\/\/www.amp.legal\/blog\/ftc-issues-consent-order-to-uber\/","title":{"rendered":"FTC Issues Consent Order to Uber"},"content":{"rendered":"<p>Uber, a global transportation technology company, is facing lawsuits and government investigations after the company hid a cyber breach for a year. According to the City of Chicago\u2019s complaint against Uber, in October 2016, hackers accessed Uber\u2019s code repository at GitHub, which is hosted by Amazon Web Services. Using the repository, the hackers obtained login credentials that allowed them to access the personal information of more than 50 million people.<\/p>\n<p>To keep the breach quiet, Uber reportedly paid the hackers $100,000 and had them sign a non-disclosure agreement. Uber claims the hackers agreed to delete any stolen data. However, Chicago\u2019s attorneys argue that trusting the hackers is &#8220;nonsensical.&#8221;<\/p>\n<h3>Previous Cyber Breach<\/h3>\n<p><img decoding=\"async\" loading=\"lazy\" class=\"size-medium wp-image-345 alignleft\" style=\"float: left; padding-right: 1em;\" src=\"https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2017\/11\/Night-Highway-300x175.png\" alt=\"\" width=\"300\" height=\"175\" srcset=\"https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2017\/11\/Night-Highway-300x175.png 300w, https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2017\/11\/Night-Highway-768x448.png 768w, https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2017\/11\/Night-Highway-700x408.png 700w, https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2017\/11\/Night-Highway-520x303.png 520w, https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2017\/11\/Night-Highway-360x210.png 360w, https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2017\/11\/Night-Highway-250x146.png 250w, https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2017\/11\/Night-Highway-100x58.png 100w, https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2017\/11\/Night-Highway.png 900w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/>The breach is not Uber\u2019s first cyber incident. In 2014, hackers comprised Uber\u2019s network by using similar hacking methods. After an investigation, the Federal Trade Commission (FTC) alleged that Uber did not prevent the breach because it failed to take reasonable measures, such as monitoring the network and requiring multi-factor authentication. As a result, Uber entered into a consent order with the FTC promising to take corrective actions that included securing its data and implementing a privacy program.<\/p>\n<p>As plaintiffs are filing lawsuits for violating <a href=\"https:\/\/www.amp.legal\/data-breach-law-tool\/\" target=\"_blank\" rel=\"noopener noreferrer\">state breach laws<\/a>, a group of senators are demanding that Uber provide a detailed timeline of the breach. One senator questioned why Uber chose not to provide forensic information to law enforcement to help them catch the hackers. Meanwhile, Uber announced that it will alert the affected individuals and offer them free identity-monitoring for one year.<\/p>\n<p>For more information, visit <a href=\"https:\/\/arstechnica.com\/tech-policy\/2017\/11\/in-data-breach-lawsuit-chicago-slams-uber-for-trusting-word-of-criminals\/\" target=\"_blank\" rel=\"noopener noreferrer\">Ars Technica<\/a>&nbsp;and the&nbsp;<a href=\"https:\/\/www.ftc.gov\/news-events\/press-releases\/2017\/08\/uber-settles-ftc-allegations-it-made-deceptive-privacy-data\" target=\"_blank\" rel=\"noopener noreferrer\">Federal Trade Commission<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Uber, a global transportation technology company, is facing lawsuits and government investigations after the company hid a cyber breach for a year. According to the City of Chicago\u2019s complaint against Uber, in October 2016, hackers [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":346,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[27],"tags":[44,47,48],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v21.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>FTC Issues Consent Order to Uber - Cyber Law Blog<\/title>\n<meta name=\"description\" content=\"Cyber Law Blog explores legal topics with technology including privacy law and cybersecurity.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.amp.legal\/blog\/ftc-issues-consent-order-to-uber\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"FTC Issues Consent Order to Uber - Cyber Law Blog\" \/>\n<meta property=\"og:description\" content=\"Cyber Law Blog explores legal topics with technology including privacy law and cybersecurity.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.amp.legal\/blog\/ftc-issues-consent-order-to-uber\/\" \/>\n<meta property=\"og:site_name\" content=\"Cyber Law Blog\" \/>\n<meta property=\"article:published_time\" content=\"2017-11-29T16:22:40+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-08-05T14:37:38+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2017\/11\/Rearview.png\" \/>\n\t<meta property=\"og:image:width\" content=\"900\" \/>\n\t<meta property=\"og:image:height\" content=\"525\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.amp.legal\/blog\/ftc-issues-consent-order-to-uber\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.amp.legal\/blog\/ftc-issues-consent-order-to-uber\/\"},\"author\":{\"name\":\"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+\",\"@id\":\"https:\/\/www.amp.legal\/blog\/#\/schema\/person\/2abed582dc9fbf067a8aa30d3e21453f\"},\"headline\":\"FTC Issues Consent Order to Uber\",\"datePublished\":\"2017-11-29T16:22:40+00:00\",\"dateModified\":\"2022-08-05T14:37:38+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.amp.legal\/blog\/ftc-issues-consent-order-to-uber\/\"},\"wordCount\":272,\"publisher\":{\"@id\":\"https:\/\/www.amp.legal\/blog\/#organization\"},\"keywords\":[\"cyber breach\",\"data breach laws\",\"Uber\"],\"articleSection\":[\"Cyber Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.amp.legal\/blog\/ftc-issues-consent-order-to-uber\/\",\"url\":\"https:\/\/www.amp.legal\/blog\/ftc-issues-consent-order-to-uber\/\",\"name\":\"FTC Issues Consent Order to Uber - Cyber Law Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.amp.legal\/blog\/#website\"},\"datePublished\":\"2017-11-29T16:22:40+00:00\",\"dateModified\":\"2022-08-05T14:37:38+00:00\",\"description\":\"Cyber Law Blog explores legal topics with technology including privacy law and cybersecurity.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.amp.legal\/blog\/ftc-issues-consent-order-to-uber\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.amp.legal\/blog\/ftc-issues-consent-order-to-uber\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.amp.legal\/blog\/ftc-issues-consent-order-to-uber\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.amp.legal\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"FTC Issues Consent Order to Uber\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.amp.legal\/blog\/#website\",\"url\":\"https:\/\/www.amp.legal\/blog\/\",\"name\":\"Cyber Law Blog\",\"description\":\"Exploring technology law in cyberspace\",\"publisher\":{\"@id\":\"https:\/\/www.amp.legal\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.amp.legal\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.amp.legal\/blog\/#organization\",\"name\":\"Alice M. Porch, P.A.\",\"url\":\"https:\/\/www.amp.legal\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.amp.legal\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2017\/08\/AMP-Logo.png\",\"contentUrl\":\"https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2017\/08\/AMP-Logo.png\",\"width\":1104,\"height\":1114,\"caption\":\"Alice M. Porch, P.A.\"},\"image\":{\"@id\":\"https:\/\/www.amp.legal\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.amp.legal\/blog\/#\/schema\/person\/2abed582dc9fbf067a8aa30d3e21453f\",\"name\":\"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.amp.legal\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/b0913e4ef042f9c502b709824db43e8f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/b0913e4ef042f9c502b709824db43e8f?s=96&d=mm&r=g\",\"caption\":\"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+\"},\"description\":\"Alice is a member of the Florida Bar, and she focuses on data privacy and cybersecurity compliance. She attended the Warrington College of Business at the University of Florida and earned a Bachelor of Science in Business Administration. After graduating, she earned a Juris Doctor at the Stetson University College of Law. During law school, she served as an Assistant Executive Editor for Stetson Law Review and also as a Staff Editor for Stetson Journal of Advocacy and the Law. She also served as a member of The Florida Bar Journal\/News Editorial Board from 2018-2024. She is currently a member of the Florida Bar Cybersecurity and Privacy Law Substantive Law Committee.\",\"sameAs\":[\"https:\/\/www.aliceporch.com\",\"https:\/\/www.linkedin.com\/in\/alice-m-porch\/\"],\"url\":\"https:\/\/www.amp.legal\/blog\/author\/amplegal\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"FTC Issues Consent Order to Uber - Cyber Law Blog","description":"Cyber Law Blog explores legal topics with technology including privacy law and cybersecurity.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.amp.legal\/blog\/ftc-issues-consent-order-to-uber\/","og_locale":"en_US","og_type":"article","og_title":"FTC Issues Consent Order to Uber - Cyber Law Blog","og_description":"Cyber Law Blog explores legal topics with technology including privacy law and cybersecurity.","og_url":"https:\/\/www.amp.legal\/blog\/ftc-issues-consent-order-to-uber\/","og_site_name":"Cyber Law Blog","article_published_time":"2017-11-29T16:22:40+00:00","article_modified_time":"2022-08-05T14:37:38+00:00","og_image":[{"width":900,"height":525,"url":"https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2017\/11\/Rearview.png","type":"image\/png"}],"author":"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.amp.legal\/blog\/ftc-issues-consent-order-to-uber\/#article","isPartOf":{"@id":"https:\/\/www.amp.legal\/blog\/ftc-issues-consent-order-to-uber\/"},"author":{"name":"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+","@id":"https:\/\/www.amp.legal\/blog\/#\/schema\/person\/2abed582dc9fbf067a8aa30d3e21453f"},"headline":"FTC Issues Consent Order to Uber","datePublished":"2017-11-29T16:22:40+00:00","dateModified":"2022-08-05T14:37:38+00:00","mainEntityOfPage":{"@id":"https:\/\/www.amp.legal\/blog\/ftc-issues-consent-order-to-uber\/"},"wordCount":272,"publisher":{"@id":"https:\/\/www.amp.legal\/blog\/#organization"},"keywords":["cyber breach","data breach laws","Uber"],"articleSection":["Cyber Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.amp.legal\/blog\/ftc-issues-consent-order-to-uber\/","url":"https:\/\/www.amp.legal\/blog\/ftc-issues-consent-order-to-uber\/","name":"FTC Issues Consent Order to Uber - Cyber Law Blog","isPartOf":{"@id":"https:\/\/www.amp.legal\/blog\/#website"},"datePublished":"2017-11-29T16:22:40+00:00","dateModified":"2022-08-05T14:37:38+00:00","description":"Cyber Law Blog explores legal topics with technology including privacy law and cybersecurity.","breadcrumb":{"@id":"https:\/\/www.amp.legal\/blog\/ftc-issues-consent-order-to-uber\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.amp.legal\/blog\/ftc-issues-consent-order-to-uber\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.amp.legal\/blog\/ftc-issues-consent-order-to-uber\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.amp.legal\/blog\/"},{"@type":"ListItem","position":2,"name":"FTC Issues Consent Order to Uber"}]},{"@type":"WebSite","@id":"https:\/\/www.amp.legal\/blog\/#website","url":"https:\/\/www.amp.legal\/blog\/","name":"Cyber Law Blog","description":"Exploring technology law in cyberspace","publisher":{"@id":"https:\/\/www.amp.legal\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.amp.legal\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.amp.legal\/blog\/#organization","name":"Alice M. Porch, P.A.","url":"https:\/\/www.amp.legal\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.amp.legal\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2017\/08\/AMP-Logo.png","contentUrl":"https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2017\/08\/AMP-Logo.png","width":1104,"height":1114,"caption":"Alice M. Porch, P.A."},"image":{"@id":"https:\/\/www.amp.legal\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.amp.legal\/blog\/#\/schema\/person\/2abed582dc9fbf067a8aa30d3e21453f","name":"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.amp.legal\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/b0913e4ef042f9c502b709824db43e8f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b0913e4ef042f9c502b709824db43e8f?s=96&d=mm&r=g","caption":"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+"},"description":"Alice is a member of the Florida Bar, and she focuses on data privacy and cybersecurity compliance. She attended the Warrington College of Business at the University of Florida and earned a Bachelor of Science in Business Administration. After graduating, she earned a Juris Doctor at the Stetson University College of Law. During law school, she served as an Assistant Executive Editor for Stetson Law Review and also as a Staff Editor for Stetson Journal of Advocacy and the Law. She also served as a member of The Florida Bar Journal\/News Editorial Board from 2018-2024. She is currently a member of the Florida Bar Cybersecurity and Privacy Law Substantive Law Committee.","sameAs":["https:\/\/www.aliceporch.com","https:\/\/www.linkedin.com\/in\/alice-m-porch\/"],"url":"https:\/\/www.amp.legal\/blog\/author\/amplegal\/"}]}},"_links":{"self":[{"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/posts\/344"}],"collection":[{"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/comments?post=344"}],"version-history":[{"count":8,"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/posts\/344\/revisions"}],"predecessor-version":[{"id":1111,"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/posts\/344\/revisions\/1111"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/media\/346"}],"wp:attachment":[{"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/media?parent=344"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/categories?post=344"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/tags?post=344"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}