UBER to pay $491,000 Penalty for 2016 Cyber Attack


Uber Technologies, an American taxicab company has been ordered to pay $491,000 or £385,000 (pounds) by UK data watchdog over a 2016 cyber attack which compromised the data of millions of customers and tens of thousands of drivers.

Information Commissioner’s Office (ICO) said that the penalty has been imposed on the California based peer to peer ride sharing company for leaking info of over 2.7 million UK customers which includes email addresses, phone numbers, and physical addresses.

Readers of Cybersecurity Insiders have to notify a fact that the customers of the company were kept in dark about the cyber attack for more than a year. And it’s said that the top officials of the company paid the hackers $100,000 to destroy the data they accessed during the hack.

“As Uber failed to protect the data of its users, the said penalty has been imposed on the taxi cab company carrying out operations in London”, said Steve Eckersley, the ICO’s director of investigations.

Note 1- the fine comes in the midst of the battle which has been taking place between the London drivers from Uber and the management of the company over employment status and other work benefits.

Note 2- In June this year, the government of London issued a green flag for the renewal of a probationary license to the company to carry out its business operations in the UK capital- all against the desire of the transport regulators.

Note 3- Uber made the details of the cyber attack public in November 2017 and revealed that the hackers accessed the info of more than 57 million Uber customers and drivers worldwide from a storage bucket of AWS Cloud Platform.

Note 4- In a separate instance, Uber has been fined £600,000 fine by the data watchdog of Netherlands. As it was revealed in a probe that the hack affected around 174,000 Dutch citizens.

Note 5- Uber has to consider itself fortunate as the fine was imposed as per the GDPR regulations existing before May this year. If was to face the latest, then it could have landed up in paying a fine of 4% of its annual turnover or £20 million whichever is higher.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display