Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

Uber Fined Nearly $1.2 Million by Dutch, UK Over Data Breach

The ride-hailing service Uber has been fined the equivalent of nearly $1.2 million by British and Dutch authorities for failing to protect customers’ data during a cyberattack in 2016.

The ride-hailing service Uber has been fined the equivalent of nearly $1.2 million by British and Dutch authorities for failing to protect customers’ data during a cyberattack in 2016.

Britain’s Information Commissioner’s Office said Tuesday it fined the company 385,000 pounds ($491,000) and Dutch officials imposed a 600,000-euro ($679,000) fine for violating Dutch data protection laws.

British officials cited a series of “avoidable data security flaws” that allowed personal data for roughly 2.7 million U.K. customers to be downloaded by hackers during an incident in October and November 2016.

The information commission’s director of investigations, Steve Eckersley, said Uber had shown a “complete disregard for the customers and drivers whose personal information was stolen” after the substantial security breach.

“At the time, no steps were taken to inform anyone affected by the breach, or to offer help and support,” he said. “That left them vulnerable.”

Dutch officials say Uber did not report the data breach to authorities within 72 hours as required by regulations. The Dutch Data Authority says 57 million users worldwide and 174,000 Dutch citizens were affected by the data breach.

The U.S.-based company said in a statement that Uber is “pleased to close this chapter on the data incident from 2016.”

It said a number of technical improvements have been made to the security system since then.

Advertisement. Scroll to continue reading.

“We learn from our mistakes,” the company said. The statement also cites a number of changes to the senior management team that have been made in the last year.

Related: Hackers From Florida, Canada Behind 2016 Uber Breach

Related: Uber Agrees to $148M Settlement With States Over Data Breach

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Stephanie Crowe has been appointed head of the Australian Cyber Security Centre (ACSC).

Cloud security giant Wiz has named Fazal Merchant as President and Chief Financial Officer.

Cybersecurity and data protection company Acronis has appointed Gerald Beuchelt as CISO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.