Uber has admitted to covering up a 2016 data breach affecting 57 million passengers and drivers. 

As part of a settlement with US prosecutors to avoid criminal charges, Uber Technologies has accepted responsibility for its personnel failing to report the November 2016 hacking to the US Federal Trade Commission, which had been investigating Uber's data security.

US Attorney Stephanie Hinds in San Francisco says the decision not to criminally charge Uber reflected the prompt investigation and disclosures of the company’s new management.

Additionally, Uber is cooperating with the prosecution of a former security chief, Joseph Sullivan, over his alleged role in concealing the hacking.

Mr Sullivan was originally indicted in September 2020. He is alleged to have arranged to pay the hackers US$100,000 (A$144,300) in bitcoin to sign nondisclosure agreements that falsely stated they had not stolen data.

Uber paid US$148 million in 2018 to settle claims by all 50 US states and Washington, DC, that it was too slow to disclose hacking.