BOSTON (CBS/AP) — Massachusetts Attorney General Maura Healey says she’s launched an investigation into Uber’s data breach.
The ride sharing company admitted Tuesday it covered up a year-old hacking attack that stole personal information about more than 57 million of its customers and drivers.
Healey tweeted Wednesday that her office has reached out to Uber for more information.
“We have serious concerns about the reported conduct,” she said.
So far, there’s no evidence that the data taken has been misused, according to a blog post by Uber’s recently hired CEO, Dara Khosrowshahi. Part of the reason nothing malicious has happened is because Uber acknowledged paying the hackers $100,000 to destroy the stolen information.
The revelation marks the latest stain on Uber’s reputation. It also brought an investigation from New York’s attorney general and threats of larger-than-normal fines from British authorities for failing to promptly disclose the hack.
Khosrowshahi criticized Uber’s handling of its data theft in his blog post.
“While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes,” Khosrowshahi wrote. “We are changing the way we do business, putting integrity at the core of every decision we make and working hard to earn the trust of our customers.”
The heist took the names, email addresses and mobile phone numbers of 57 million riders around the world. The thieves also nabbed the driver’s license numbers of 600,000 Uber drivers in the U.S.
Uber waited until Tuesday to begin notifying the drivers with compromised driver’s licenses, which can be particularly useful for perpetrating identify theft. For that reason, Uber will now pay for free credit-report monitoring and identity theft protection services for the affected drivers.
AP Technology Writer Michael Liedtke contributed to this report.
(© Copyright 2017 CBS Broadcasting Inc. All Rights Reserved. The Associated Press contributed to this report.)