Europe's Privacy Regulators Are Ganging Up on Uber

Europe's Privacy Regulators Are Ganging Up on Uber

"Uber users who notice anything suspicious can contact Uber's Help Centre by tapping "Help" in the app, then "Account and Payment Options" "I have an unknown charge" "I think my account has been hacked". Now, after some further digging, it seems that 2.7 million of those affected were Uber customers from the UK. With the announcement, San Francisco-based Uber said it concealed the breach for a year after paying $100,000 in ransom for the stolen information to be destroyed.

More than 27 million of Uber's United Kingdom customers and drivers were affected in its 2016 data breach, with their names, email addresses and phone number stolen from the company's servers. "Nevertheless, the nature of the information now acknowledged to have been compromised, together with the allegation that the company concealed the breach without notifying affected drivers and consumers, and prior privacy concerns at Uber, makes this a serious incident that merits further scrutiny".

The firm has said it has a total of five million active users and 50,000 drivers in the UK.

"On its own this information is unlikely to pose a direct threat to citizens", said James Dipple-Johnstone, Deputy Commissioner at the ICO.

Currently, ICO is waiting on technical reports for full confirmation on the damage, including exact details on compromised personal information.




The ICO believes the data could be used by scammers trying to target victims of the breach.

The latest development was described as "shocking" by London Mayor Sadiq Khan.

"Uber needs to urgently confirm which of their customers are affected, what is being done to ensure these customers don't suffer adversely, and what action is being taken to prevent this happening again in the future".

New CEO Dara Khosrowshahi explaining he only became aware of the breach recently. 10,888 Uber drivers in Washington have had their license numbers compromised by the data breach and according Ferguson's press release, Uber was required to notify the passengers and drivers of breach as well as the attorney general's office within 45 days of the attack.

Related Articles