Data rule regime inwards the United Kingdom of Great Britain too Northern Ireland of Britain too Northern Republic of Ireland too the Netherlands on Tuesday fined ride-hailing service Uber Technologies Inc for failing to protect its users' information during a 2016 hack assail which affected over l ane M one thousand of Uber users across the globe.
Labeling the incident every bit a “series of avoidable information safety flaws” which invited hackers to obtain the sensitive information, the Information Commissioner’s Office (ICO) imposed a fine of £385,000 ($490,759.50) on the enterprise. On the other hand, the Dutch Data Protection Authority penalized the delineate of piece of occupation solid amongst a fine of €600,000 ($678,780.00).
The breach which affected 174,000 people inwards the Netherlands too 2.7 ane M one thousand people inwards the United Kingdom of Great Britain too Northern Ireland of Britain too Northern Republic of Ireland inwards 2016 was reportedly kept a hugger-mugger until 2017.
Instead of at ane time informing the regulators virtually the assail too the customers virtually their information beingness compromised, reports say that Uber paid the attackers to destroy the hacked information.
ICO Imposed Fines on Uber
Labeling the incident every bit a “series of avoidable information safety flaws” which invited hackers to obtain the sensitive information, the Information Commissioner’s Office (ICO) imposed a fine of £385,000 ($490,759.50) on the enterprise. On the other hand, the Dutch Data Protection Authority penalized the delineate of piece of occupation solid amongst a fine of €600,000 ($678,780.00).
The breach which affected 174,000 people inwards the Netherlands too 2.7 ane M one thousand people inwards the United Kingdom of Great Britain too Northern Ireland of Britain too Northern Republic of Ireland inwards 2016 was reportedly kept a hugger-mugger until 2017.
Instead of at ane time informing the regulators virtually the assail too the customers virtually their information beingness compromised, reports say that Uber paid the attackers to destroy the hacked information.
ICO Imposed Fines on Uber
Steve Eckersley, ICO Director of Investigations corroborated the reported delineate of piece of occupation concern human relationship inwards a statement, he said, “This was non alone a serious failure of information safety on Uber’s portion only a consummate disregard for the customers too drivers whose personal information was stolen. At the time, no steps were taken to inform anyone affected past times the breach, or to offering assist too support. That left them vulnerable.”
“Paying the attackers too thence keeping placidity virtually it later was not, inwards our view, an appropriate reply to the cyber attack.”
Uber's take
Referenced from an Uber Spokesperson's response, "We're pleased to unopen this chapter on the information incident from 2016. As nosotros shared amongst European regime during their investigations, we've made a reveal of technical improvements to the safety of our systems both inwards the immediate wake of the incident every bit good every bit inwards the years since.
"We've likewise made pregnant changes inwards leadership to ensure proper transparency amongst regulators too customers moving forward. Earlier this twelvemonth nosotros hired our source main privacy officer, information protection officer, too a novel main trust too safety officer. We larn from our mistakes too perish along our commitment to earn the trust of our users every day."
