Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

France Fines Uber 400,000 Euros Over Huge Data Breach

France’s data protection agency said Thursday that it had fined the US ride-hailing group Uber 400,000 euros ($460,000) over a 2016 data breach that exposed the personal data of some 57 million clients and drivers worldwide.

France’s data protection agency said Thursday that it had fined the US ride-hailing group Uber 400,000 euros ($460,000) over a 2016 data breach that exposed the personal data of some 57 million clients and drivers worldwide.

Uber drew the wrath of users and regulators after the company waited a year before revealing in November 2017 that hackers had infiltrated its systems.

The French Data Protection Authority said the breach would have been prevented “if certain elementary security measures had been in place.”

Uber has already paid $148 million to US authorities to avoid a potentially embarrassing court case, and vowed to improve its security efforts.

Last month, the Netherlands imposed a 600,000-euro fine over the breach and Britain ordered Uber to pay 385,000 pounds ($490,000).

The company, which is widely expected to launch a public stock offering next year, has been trying to burnish its reputation after a series of scandals over executive misconduct and its competitive practices.

Uber was informed about the breach by the hackers themselves, and the firm paid them $100,000 to keep quiet about their exploit and destroy the data.

The company said it has learnt lessons from its mistakes in the incident and has hired top-notch security experts.

Advertisement. Scroll to continue reading.

“After the incident and in the following years we made several technical improvements to our security,” an Uber spokeswoman said Thursday.

“We have also made important changes to our management to insure transparency with regulatory authorities and clients,” she added.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.