Uber has been fined £385,000 after “a series of avoidable data security flaws” allowed hackers to download personal information from 2.7 million customers.
The Information Commissioner’s Office (ICO) found Uber was guilty of a “serious breach” of UK data protection law and showed a “complete disregard” for the customers and drivers whose information was stolen.
Full names, email addresses and phone numbers were obtained during the October and November 2016 attack but Uber did not inform customers or drivers for more than a year. Instead it paid the attackers $100,000 (£78,000) to destroy the information they had downloaded.
Join our new commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies