Uber’s public response to its recently revealed data breach is still drawing heavy criticism a week after the company’s initial acknowledgement — and now members of Congress are seeking further answers, as well.
Members of the U.S. Senate sent a joint letter on Monday to Uber CEO Dara Khosrowshahi regarding the recent breach, which compromised the data of 57 million users. The aim of the letter is “to understand what steps Uber has taken to investigate what occurred, restore and maintain the integrity of its systems, and identify and mitigate potential consumer harm and identity theft-related fraud against Federal programs.”
The letter lists 11 questions, as the four senators seek answers on when the breach was first identified, what information was compromised, and what further actions the company has taken since the discovery of the breach. The senators are hoping to get explanations in the next few weeks.
While that letter came from four Republicans, it’s clear that Uber’s breach is a bipartisan concern. Democratic Sen. Mark Warner sent his own letter to Khosrowshahi, with a number of other questions, including asking senior executives about the rationale for “covering up this breach.”
As Re/code points out, the company’s responses to Congress “could carry serious political and legal repercussions.” Attorneys general from at least five states are already investigating Uber.
This comes after a separate Wall Street Journal report which claims that Khosrowshahi knew about the hack for months before Uber informed the public.
It’s become clear that the fallout from this breach is far from over, and it’s fair to compare Uber’s response to Equifax’s. (If not in scope — though Uber’s breach is still quite large — at least in public outcry.) Corporate reaction to these large data breaches is becoming as important as protecting users from breaches in the first place, and we’re hoping companies become quicker and more proactive, as Imgur was in its acknowledgement of a recent breach.