Uber fined €1M for 2016 data breach by European privacy watchdogs

The Dutch Data Protection Authority (Dutch DPA) just announced it’s imposing a €600,000 fine on Uber and its Dutch subsidiary Uber B.V. for violating Dutch data breach regulation in 2016. Simultaneously, UK’s Information Commissioner‘s Office (ICO) declared Uber will be fined £385,000 (around €433,000) for the same data breach back in 2016.

Uber concealed the 2016 breach for over a year, in which hackers gained access to personal data of 57 million people worldwide, such as names, email addresses, and telephone numbers. The company thereby failed to comply with laws stating it must report data breaches to the authorities and the data subjects within 72 hours after the discovery of the breach.

Instead, the company paid the hackers $100,000 to delete the data and keep the breach quiet. The ICO said Uber had shown “complete disregard” for users and said the breach was cause by “avoidable data security flaws,” according to Sky News .

It’s still unclear whether the two privacy regulators worked together but the Dutch DPA and the ICO announced the Uber fines within moments of each other.

This isn’t the first time Uber has been fined for its 2016 data breach. Last September the ride-hailing giant was forced to pay $148 million in fines after a settlement in a case of all 50 states against the company.

Read next: PSA: Vulnerability in popular Bitcoin wallet exposes your private keys

Similar Articles:

Uber fined £385,000 for data breach affecting millions of passengers

Uber fined £385,000 for data breach affecting millions of passengers

Infographic: A Look At Data Breach Laws By State

Infographic: A Look At Data Breach Laws By State

FreshMenu 2016 Data Breach Exposed Records of 110,000 Users, Company Decided Not to Disclose: Report

FreshMenu 2016 Data Breach Exposed Records of 110,000 Users, Company Decided Not to Disclose: Report

Data breach laws: would you know if your personal information was compromised?

Data breach laws: would you know if your personal information was compromised?