The UK’s knowledge watchdog says it has “enormous considerations” over Uber’s secret fee of $100,000 to hackers who stole customers’ info.
The Data Commissioner’s Workplace says the revelation that 57 million clients’ and drivers’ knowledge was stolen by hackers and lined up by Uber raises questions in regards to the firm’s ethics.
“Uber’s announcement a few hid knowledge breach final October raises enormous considerations round its knowledge safety insurance policies and ethics,” mentioned James Dipple-Johnstone, the deputy commissioner.
“Intentionally concealing breaches from regulators and residents might appeal to greater fines for corporations.”
Uber introduced that it had removed its chief safety officer because it confirmed his group had not knowledgeable victims however as a substitute paid off hackers who breached the corporate’s methods in October 2016.
Companies which function within the UK can at the moment be fined as much as £500,000 for failing to tell individuals if their knowledge is stolen, which is an offence beneath the Knowledge Safety Act.
Beneath the EU’s normal knowledge safety rules, which the UK is enshrining in home legislation earlier than Brexit, corporations might face fines of £17m or four% of their world turnover, whichever is greater.
On the time the cover-up was revealed, the ride-hailing app’s chief govt, Dara Khosrowshahi, mentioned: “None of this could have occurred, and I cannot make excuses for it.”
Mr Khosrowshahi, who joined the corporate in August, mentioned: “You might be asking why we’re simply speaking about this now, a yr later.
“I had the identical query, so I instantly requested for a radical investigation of what occurred and the way we dealt with it.
“Whereas I can not erase the previous, I can commit on behalf of each Uber worker that we’ll study from our errors.”
Uber’s former chief govt, Travis Kalanick, discovered of the hack in 2016, based on Bloomberg – seven months earlier than a shareholder revolt compelled him to stop.
Uber has said that it’s within the strategy of notifying the related regulators, however has not issued additional remark.