After a complex investigation into the case of Uber’s data breach incident back in 2016, the Australian privacy commissioner now blames the ride-sharing company for several violations.
It was proved that Uber has tried to cover up the data breach incident, which involved breaching sensitive details of over 1.2 million Australians. Thus, the regulator now demands Uber to set up a compliance officer and follow the relevant laws of the country.
Uber Mishandling the Data Breach
Back in 2016, the US-based Uber Inc technologies and its Dutch subsidiary Uber B.V suffered a data breach incident, where an unauthorized party has accessed the names, email addresses, and mobile phone numbers of over 57 million Uber riders and 600,000 drivers.
After realizing the breach, instead of reporting to the authorities and affected customers, Uber tried covering up the situation by paying the hackers through a bug bounty program and asked them to stay quiet on this.
This was found later in investigations, and aggrieved countries like the US, UK, and Holland have slashed fines of $148 million, 385,000 pounds, and 650,000 Euros respectively.
And now, it’s time for the Australian regulator to quash Uber on this incident, and said it’s determined that Uber has failed to comply with procedures, practices, and systems as per Australian Privacy Principles.
Also, Uber breached the Australian Privacy Act 1988, by “not taking reasonable steps to protect Australian’s personal information for unauthorized access and to destroy or de-identify the data as required,” as said by the Australian privacy commissioner, Angelene Falk.
This led the Privacy commissioner to force Uber in complying with the relevant data laws, prepare a data retention and destruction policy, form an information security program, and make an incident response plan within three months.
Also, it asked Uber to appoint an independent expert to review the actions and report to OAIC within five months.
Other Trending News:- News