Alert affected customers as soon as possible: ICO
Just days after Uber admitted of a massive cyberattack and breach of personal data of 50m users and 7m drivers globally, the ride sharing firm has said today that in that breach personal data of approximately 2.7m people in the UK has been exposed.
Uber added: “Our outside forensics experts have not seen any indication that trip location history, credit card numbers, bank account numbers or dates of birth were downloaded.”
The firm had reportedly kept this news a secret for over a year. The ride-sharing firm also confirmed that it had paid the hackers responsible $100,000 to delete the data and keep the breach quiet.
“This latest shocking development about Uber will alarm millions of Londoners whose personal data could have been stolen by criminals,” Sadiq Khan said.
“Uber needs to urgently confirm which of their customers are affected, what is being done to ensure these customers don’t suffer adversely, and what action is being taken to prevent this happening again in the future.
“The public will want to know how there could be this catastrophic breach of personal data security,” Khan added.
The data regulator, the Information Commissioner’s Office (ICO), has said it was yet to receive technical reports on the incident and called on the company to alert affected customers as soon as possible.
The company’s former chief executive Travis Kalanick knew about the breach over a year ago, states Bloomberg which first broke the news.