Uber—transportation network and food delivering company—was accused by the U.S. regulators due to the cyber-attack in the year 2016 that exposed personal data of around 57 Million customers and drivers. The massive security rupture was earlier kept hidden by the company from the regulators.
Uber offered the hackers with $100,000 to vanish out the stolen data from the company’s cloud servers. Not only this, but the company also paid $148 Million to settle allegations raised by the U.S. administration for not revealing about the data loss.
In November 2017, Uber revealed about the data security break and accepted its mistake of not disclosing timely about it.
The hackers attacked the Uber servers exposing the customers and drivers’ data at the global level, So, UK has penalized Uber with £385,000 for uncovering data of around 2.7 Million UK customers.
The exposed personal data of the customers include their names, contact numbers, and addresses.
Information Commissioner’s Office blamed Uber security services for the cyber-attack on their servers. Director of the investigation at ICO, Steve Eckersley said that apart from the faulty security services that had led to data theft; the company expressed disrespect for its customers and drivers whose data was exposed and had kept them at the verge of the risk of fraud. He stated that Uber had neither revealed about the attack nor warned its customers related to their data exposure.
Data regulators in Holland have also fined Uber over £532,000 for 2016 breach which affected 174,000 Dutch customers.
Mr. Eckersley said that without taking any crucial steps, Uber simply paid the hackers and thought the whole issue was sorted.
Uber responded on Eckersley statement by saying that the company had made some technical improvements in their servers to enhance security, and also appointed a data protection head and a chief privacy officer for supervising the security operations.