Uber Class Action Says Customers’ Info Compromised in Data Breach

Top Class Actions’s website and social media posts use affiliate links. If you make a purchase using such links, we may receive a commission, but it will not result in any additional charges to you. Please review our Affiliate Link Disclosure for more information.

Uber faces a new class action lawsuit from passengers whose personal information was stolen by hackers in a 2016 data breach.

Plaintiff Andrew Greder, on behalf of himself and others similarly situated, claims in his class action lawsuit against defendants Uber Technologies Inc., Rasier LLC, and Rasier-CA LLC that personal information was compromised by hackers, putting himself and others at risk.

“In November 2017, Uber announced that over a year earlier in October 2016, hackers gained access and had stolen information relating to 57 million driver and rider accounts for the Uber ride-share service,” the Uber class action lawsuit states.

Defendants later paid the hackers at least $100,000 to conceal the existence of the data breach and delayed the disclosure of the breach despite the danger to their customers and drivers, according to the Uber class action lawsuit.

Greder claims Uber had a duty to inform the plaintiff and putative Class Members that their personal information had been compromised and protect their customers against security threats.

Allegedly, Uber knew their information storage system had security vulnerabilities but continued to use the system despite the known vulnerabilities. As stated by the Uber class action lawsuit, “defendants were negligent by continuing to accept, process and store such information in light of these computer network vulnerabilities and the sensitivity of the personal information stored within.”

The Uber class action lawsuit alleges that Greder and potential Class Members were parties to an actual or implied contract with Uber under which the defendants were required to safeguard personal information from theft and compromise. The plaintiff claims that Uber breached this contract by allowing a continued security breach.

Additionally, Greder claims the defendants’ acts were fraudulent, deceptive, and unfair under the consumer protection laws of all 50 states and the District of Columbia. “Plaintiff and Class Members were deceived by Defendants’ failure to properly implement adequate, commercially reasonable security measures to protect their personal information” alleges the Uber class action lawsuit.

This class action lawsuit follows another Uber class action lawsuit seeking a court order that bars Uber from mishandling sensitive information in the future.

Greder proposes to represent a Class comprising of all persons living in the U.S. whose personal data was accessed in the Uber data breach announced on Nov. 21, 2017. He is seeking a trial by jury for counts of negligence, negligence per se, breach of contract, and breach of consumer protection statutes. The plaintiff also seeks relief for damages, costs, court expenses, and attorneys’ fees.

Greder is represented by Daniel Gustafson, Daniel Hedlund, Joseph Bourne, Eric Taubel, and Kaitlyn Dennis of Gustafson Gluek PLLC.

The Uber Data Breach Class Action Lawsuit is Andrew Greder v. Uber Technologies Inc., et al., Case No. 0:18-cv-00116-JRT-SER, in the U.S. District Court for the District of Minnesota.