Information and communications regulatory authorities in Britain and Dutch have individually fined the ride-sharing company Uber with combined fine totaling $1.17 million. This fine was over the 2016 data breach that exposed personal information for millions of customers.
“The UK’s Information Commissioner’s Office (ICO) announced a $491,284 fine against the ride-sharing company for ‘failing to protect customers’ personal information during a cyber-attack in October and November of 2016,” reads a report by the CNBC. “The Dutch Data Protection Authority imposed its own $679,257 penalty for the same.”
In the 2016 cyber attack on Uber, the hackers made away with personal information including full names, phone numbers, and email addresses of 2.7 million users in the UK and 174,000 in the Netherlands. The UK’s ICO said that single attack caused a serious breach to the country’s 1998 Data Protection Act and exposed Uber customers and drivers to higher risks of fraud.
The Dutch authorities said the fine it was imposing on Uber was mostly due to the fact that the company failed to report the breach within the mandatory 72-hours after it took place.
The US also fined Uber $148 million over the 2016 breach, and in September this year, the company agreed to pay the fine. During a Tuesday press briefing, a spokesperson from the company says they are “pleased to close this chapter on the data incident from 2016.”