Uber data breach costs millions
We’ve discussed in a number of articles recently the new data breach reporting laws.
A prime example of why these laws were desperately needed has recently been settled in court for an amount of US$148 million.
The initial incident happened in 2016 where personal information of 57 million worldwide users of Uber had their personal information hacked.
Uber’s initial response was to cover up the hack by paying the people who stole the information US$100,000 to delete it and to keep quiet. At the time of the breach Uber did not notify affected individual or any regulators.
The settlement payable was due to the company’s failure to safeguard user data and for the subsequent cover-up.
The new data breach notification laws in Australia would ensure an ability to take further action against a company if a similar incident was to occur again. Clearly most businesses won’t be at risk for this level of fine but it is in no one’s interest to cover up this kind of breach.