Uber Fined Another $1.2 Million for Covering up Personal Data Breach

Nov 27, 2018

This post contains references to products from one or more of our advertisers. We may receive compensation when you click on links to those products. Terms apply to the offers listed on this page. For an explanation of our Advertising Policy, visit this page.

In 2016, Uber experienced a massive data breach that comprised millions of users’ personal information. To make matters worse, the ride-hailing giant tried to coverup that it was attacked by hackers. Now, the company is facing punishment by European authorities for the mishap.

The United Kingdom’s Information Commissioner’s Office is slapping Uber with a £385,000 fine ($491,284) while the Dutch Data Protection Authority will fine the company €600,000 ($679,257). Both bodies say Uber failed to protect customers’ personal data, which included names, email addresses, phone numbers and driver pay records. Uber also faced fines for not reporting the security breach in a timely manner.

There were 2.7 million UK citizens and 174,000 in the Netherlands affected by the breach. In September, Uber agreed with the US government to a $148 million settlement for the breach. After Uber had discovered the breach in 2016, company executives paid the hackers $100,000 to destroy the stolen data of 57 million worldwide users (and drivers) and decided not to report the incident to government authorities.

“This was not only a serious failure of data security on Uber’s part, but a complete disregard for the customers and drivers whose personal information was stolen,” ICO Director of Investigations Steve Eckersley said, reports CNBC. “At the time, no steps were taken to inform anyone affected by the breach, or to offer help and support. That left them vulnerable.”

Uber has hired a new chief privacy officer and chief trust and security officer, fired executives involved in the coverup and implemented a program that encourages employees to report unethical behavior.

An Uber spokesperson told CNBC it was “pleased to close this chapter on the data incident from 2016.”

H/T: CNBC

Photo by Ali Balikci/Anadolu Agency/Getty Images.

Editorial Disclaimer: Opinions expressed here are the author’s alone, not those of any bank, credit card issuer, airlines or hotel chain, and have not been reviewed, approved or otherwise endorsed by any of these entities.

Disclaimer: The responses below are not provided or commissioned by the bank advertiser. Responses have not been reviewed, approved or otherwise endorsed by the bank advertiser. It is not the bank advertiser’s responsibility to ensure all posts and/or questions are answered.