Posted By: ITWiser Webmaster - Yorkshire's IT Specialists
Posted By: ITWiser Webmaster
Pennsylvania Attorney General sues Uber over 2016 data fail
Pennsylvania Attorney General is seeking at least $13.5m in damages for Ubers failure to disclose the 2016 theft of its customer and driver records. Attorney General Josh Shapiro says Uber violated the state data breach law when it failed to promptly file a report and notify both drivers and passengers of the loss of data.
In 2016 Uber violated the state’s Consumer Protection Law when it paid a hacker six figures to keep quiet about the incident. Around 13,500 Uber drivers in Pennsylvania had data exposed by the attack. Uber eventually came forward about the matter in 2017 after hiding the incident for over a year. It is thought that Uber broke the ‘Breach of Personal Information Notification Act’, which is in place to ensure that any breach of personal information to be disclosed ‘without unreasonable delay’ by failing to advise those drivers impacted by the breach.
The law on data protection is changing in May 2018 as the UK have chosen to adopt the EU legislation (EU)2016/679 regarding General Data Protection Regulation
Large fines and penalties on the horizon such as 2% of global turn over for internal systems not being compliant and 4% of global turnover for a data breach.
ITWiser offer a wide range of services and solutions that can help prevent issues like this from affecting you and your business. We offer internal security audits and external security audits, these audits are designed to highlight issues inside and outside your network. For more information on these or on any of our other services please get in touch today.