Uber fined after 'serious breach' allows hackers to download 2.7 million customers' data
‘A series of avoidable data security flaws’ allowed attackers to access full names, email addresses and phone numbers
Uber has been fined £385,000 after “a series of avoidable data security flaws” allowed hackers to download personal information from 2.7 million customers.
The Information Commissioner’s Office (ICO) found Uber was guilty of a “serious breach” of UK data protection law and showed a “complete disregard” for the customers and drivers whose information was stolen.
Full names, email addresses and phone numbers were obtained during the October and November 2016 attack but Uber did not inform customers or drivers for more than a year. Instead it paid the attackers $100,000 (£78,000) to destroy the information they had downloaded.
Subscribe to Independent Premium to bookmark this article
Want to bookmark your favourite articles and stories to read or reference later? Start your Independent Premium subscription today.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies