Uber agrees to a new settlement with the Federal Trade Commission over the massive 2016 data breach. The authorities could assign civil penalties against the company if it will fail to share incident data with FTC. Uber is obliged to disclose any future breach affecting consumer data and share reports from required third-party audits of its privacy program. The company must maintain records related to bug bounty activities. The settlement could subject Uber to civil penalties if it fails to notify the FTC of certain future incidents involving unauthorized access of consumer information.”]
Source: https://securityaffairs.co/wordpress/71332/laws-and-regulations/uber-2016-data-breach.html