Uber has reached a $148 million settlement with state attorneys general in all 50 states with varying amounts being distributed to each state. The legal matter that was settled was in reference to the 2016 data breach in which Uber failed to notify the 57 million customers affected by it for over a year. The stolen customer data affected the citizens of various countries and included 600,000 driver's license numbers. Uber violated numerous data breach reporting and data security laws with the cover-up and still faces multiple lawsuits from customers and cities related to the data breach. Uber even paid the hacker to keep the data breach a secret. The settlement terms include changes to Uber's business practices aimed at preventing future breaches and reforming its corporate culture. Uber will be required to report any data security incidents to states on a quarterly basis for the next two years, and implement a comprehensive information security program overseen by an executive officer who advises executive staff and Uber's board of directors.