Uber Faces EU-Wide Privacy Probes Into Hidden Hacking Attack
Uber faces privacy probes across the European Union from regulators who vowed to look into the huge data breach that the company hid for more than a year, according to Bloomberg.
EU data protection officials will discuss the incident and its privacy implications at a regular meeting in Brussels next week, the head of the so-called Article 29 Working Party said in a statement. Multiple regulators in Europe earlier already vowed to start an investigation, with Italy’s data protection chief speaking of an “obvious lack of adequate security measures” at the ride-hailing company.
Hackers stole the personal data of 57 million customers and drivers from Uber, a major breach that the company concealed for more than a year. This week, the ride-hailing firm ousted its chief security officer and one of his deputies for their roles in keeping the hack under wraps, which included a $100,000 payment to the attackers.
The Dutch privacy watchdog, Uber’s lead regulator in Europe, the Spanish and the British agencies also said they are reviewing the incident. The Netherlands regulator said that Uber, which has its European base in the nation, has informed it of the hack. “As we do with every data breach report, we will look into this report very thoroughly,” its spokeswoman Frederique Hermie said in an email.
While some European watchdogs’ fining powers are minimal, most of the current 28 EU regulators have no powers to levy penalties at all. This will change in May 2018, when data protection authorities across the bloc will get the same powers to fine companies, including U.S. firms, as much as 4 percent of annual sales.