Five U.S. senators sent letters to Uber Monday, pressing the company’s leadership for information on a data breach affecting millions of its consumers and the subsequent attempt to cover up the incident.
The breach — which took place in October 2016 — provided hackers with the names and driver’s license numbers of roughly 600,000 drivers as well as the personal phone numbers and email addresses of 57 million riders.
Instead of disclosing the breach, Uber paid a fee of $100,000 to the hackers, asking them to delete the stolen data.
A letter co-authored by Sens. John Thune, R-S.D., Orrin Hatch, R-Utah, Jerry Moran, R-Kansas, and Bill Cassidy, R-La., presented a series of questions to Uber’s CEO, Dara Khosrowshahi, regarding the company’s past conduct and its plans to protect user data in the future.
“Our goal is to understand what steps Uber has taken to investigate what occurred, restore and maintain the integrity of its systems, and identify and mitigate potential consumer harm and identity theft-related fraud against Federal programs,” the letter stated.
In a separate letter addressed to Khosrowshahi, Sen. Mark Warner , D-Va., also urged the ridesharing company to provide more information on the breach.
Sen. Warner noted further misdeeds from the company in his letter, citing allegations that Uber shared information about the breach to a potential investor several weeks before notifying regulators or affected parties.
“I have long championed the innovation and potential of the on-demand economy,” wrote Warner. “However, Uber’s conduct raises serious questions about the company’s compliance with relevant state and federal regulations.”
You can read Warner’s full letter below: