Uber fined £ 385,000 for loss of customer data in the UK

Uber has been fined £ 385,000 for letting hackers steal data from 2.7 million British customers.

The names, addresses and phone numbers of the users went astray during the 2016 attack.

The data was stolen thanks to "preventable security breaches," said the Information Commissioner's office.

Uber was also fined £ 600,000 (£ 532,000) by Dutch data regulators for the same offense, which also affected 174,000 Dutch customers.

Data destruction

"It was not only a serious failure of data security on the part of Uber, but also a total disregard for customers and drivers whose personal information had been stolen, "said Steve Eckersley, Director of Investigations at the OIC.

Uber did nothing to alert people that data had been downloaded or to help the affected people, he added.

Clients whose data was stolen were left with "increased risk of fraud," he said.

Detailed information on 2.7 million customers was part of a large database of 57 million people captured by the hacker group in October and November 2016.

Uber paid the badailants $ 100,000 (£ 78,400) to destroy the data they had collected.

Paying hackers and saying nothing about it "was not an appropriate response to the cyber attack," said Mr. Eckersley.

In response, Uber stated that he had changed his way of processing the data since 2016 and that he was now employing a privacy officer and a data protection officer who oversaw his operations.

"We brought a number of technical improvements to the security of our systems both immediately after the incident and in the ensuing years."

"We are delighted to close this chapter on the 2016 data incident," he said.

In the United States, Uber paid $ 148 million to pay the federal charges for the 2016 violation.