IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

ICO: Uber data breach raises huge concerns

The ICO and NCSC will investigate the impact on UK customers

The ICO said the way in which Uber dealt with a major data breach has raised "huge concerns" over the company's data protection policies and ethics.

The UK's data regulation body said concealing a data breach should come with a much larger fine than the standard penalities imposed on organisations that fail to sufficiently protect their customers' data. Uber is alleged to have paid the hackers $100,000 not to mention it had hacked the taxi booking app's systems, according to Bloomberg.

"It's always the company's responsibility to identify when UK citizens have been affected as part of a data breach and take steps to reduce any harm to consumers," ICO deputy commissioner James Dipple-Johnstone said in a statement.

"If UK citizens were affected then we should have been notified so that we could assess and verify the impact on people whose data was exposed."

The ICO said it would investigate into the breach, including ascertaining how many UK citizens have been affected and to what extent. Uber revealed that information such as names, email addresses and mobile phone numbers had been accessed, but there's currently no evidence that social security numbers, payment details and trip data was stolen.

"We'll be working with the National Cyber Security Centre (NCSC) plus other relevant authorities in the UK and overseas to determine the scale of the breach, how it has affected people in the UK and what steps need to be taken by the firm to ensure it fully complies with its data protection obligations," Dipple-Johnstone added. 

The NCSC has also spoken out against Uber's actions, saying that any company that finds it has been subject of a cyber attack shoud report it immediately for the safety of citizens.

"The more information a company shares in a timely manner, the better able we are to support them and prevent others falling victim," it said.

Featured Resources

Accelerating healthcare transformation through patient-centred medtech solutions

Seize the digital transformation opportunities to streamline patient care and optimise patient outcomes

Free Download

Big payoffs from big bets in AI-powered automation

Automation disruptors realise 1.5 x higher revenue growth

Free Download

Hyperscaler cloud service providers top ten

Why it's important for companies to consider hyperscaler cloud service providers, and why they matter

Free Download

Strategic app modernisation drives digital transformation

Address business needs both now and in the future

Free Download

Recommended

Uber launches infosec hiring spree after attributing breach to LAPSUS$
cyber attacks

Uber launches infosec hiring spree after attributing breach to LAPSUS$

20 Sep 2022
Uber hacked via basic smishing attack
Security

Uber hacked via basic smishing attack

16 Sep 2022
Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022
Uber secures 30-month licence to operate in London
Policy & legislation

Uber secures 30-month licence to operate in London

28 Mar 2022

Most Popular

Empowering employees to truly work anywhere
Sponsored

Empowering employees to truly work anywhere

22 Nov 2022
Larger monitors aren't all they're cracked up to be
monitors

Larger monitors aren't all they're cracked up to be

3 Dec 2022
Defra's legacy software problem 'threatens' UK gov cyber security until 2030
Business strategy

Defra's legacy software problem 'threatens' UK gov cyber security until 2030

6 Dec 2022