Uber in-house lawyer leaves company amid revelations over undisclosed cyberattack

Company admits it failed to notify 57 million users their data was exposed in a breach

Uber failed to notify 57 million users that their data was exposed in a breach, according to a company blog post published yesterday (21 November), which was confirmed by a source close to the matter.

As a result, two employees tasked with handling the response process have left the company, including Uber in-house lawyer Craig Clark, who reported to the company’s chief security officer, according to a Bloomberg article. The employees reportedly played roles in keeping the breach quiet, which, according to Bloomberg, “included a $100,000 payment to the attackers”.

This premium content is reserved for
Legal Week Subscribers.

Subscribe today to get ALL ACCESS!

A premium subscription gives you access to all articles and provides:

  • Trusted insight, news and analysis from the UK and across the globe
  • Connections to senior business lawyers within the leading law firms and legal departments
  • Unique access to ALM’s unrivalled, market-leading reporting in the US and Asia and cutting-edge research, including Legal Week’s UK Top 50 and Global 100 rankings
  • The Legal Week Daily News Alert, Editor’s Highlights, and Breaking News digital newsletters and more, plus a choice of over 70 ALM newsletters
  • Optimized access on all of your devices: desktop, tablet and mobile
  • Complete access to the site’s full archive of more than 56,000 articles

Subscribe Now For All Access

For enterprise-wide or corporate enquiries, please contact Paul Reeves on Preeves@alm.com or call on +44 (0) 203 875 0651