Since Wednesday, Uber is under several investigations in the United States after the company admitted the data of 57 million users in the world, including 600,000 drivers, had been hacked.
Prosecutors from New York, Eric Schneiderman, and Connecticut, George Jepsen, opened the investigations.
Uber revealed on Tuesday that the information was hacked in October 2016 and that they had kept it secret for more than a year.
The names of the users as well as their emails and mobile phone numbers were stolen, company CEO Dara Khosrowshahi said in a statement on Tuesday.
Based on an external investigation, Khosrowshahi affirmed, however, that the information about the journeys, the credit card numbers and bank accounts, the social security numbers and the users’ birth dates were not stolen.
Two members of the Uber information security team who “commanded the response” to the incident and did not alert users that their data had been violated were fired from the company, based in San Francisco, according to Khosrowshahi.
The investigation follows another one from 2014 for a different attack on Uber, who had paid a fine of $20,000 for failing to disclose it on time. The purpose of that attack was to obtain data of the company’s drivers and not the customers.
The American law firm Keller Rohrback, specializing in class-action lawsuits against hackers, also announced its own investigation into data theft and called on users of the application to contact them.
According to sources close to the case, Uber would have paid $100,000 to the hackers not to reveal the information and destroy it.
This cyber-attack is a further blow to Uber’s reputation as the company tries to leave behind the accusations about poor criminal background checks of their drivers and sexual harassment within the company.
Khosrowshahi took over the management of the company in late August, replacing founder Travis Kalanick, expelled by investors eager to restore the group’s image.