The ride-hailing service Uber has been fined the equivalent of nearly $1.2million (R16.5m) by British and Dutch authorities for failing to protect customers’ data during a cyberattack in 2016.
Britain’s Information Commissioner’s Office said yesterday it fined the company £385 000 and Dutch officials imposed a 600 000 fine for violating Dutch data protection laws.
British officials cited a series of “avoidable data security flaws” that allowed personal data for roughly 2.7million UK customers to be downloaded by hackers in October and November 2016.
The information commission’s director of investigations, Steve Eckersley, said Uber had shown a “complete disregard for the customers and drivers whose personal information was stolen”.
“At the time, no steps were taken to inform anyone affected by the breach, or to offer help and support,” he said. “That left them vulnerable.”