Uber hack: EU data protection bods launch taskforce
Justice commissioner slams biz for 'irresponsible' behaviour
The European Union’s group of data protection watchdogs has launched a taskforce into the Uber data breach that affected 57 million users worldwide.
The Article 29 Working Party discussed the breach, which took place in October 2016 but was only revealed last week, at its November plenary meeting yesterday.
The taskforce will be led by the Dutch Data Protection Authority - Uber’s European HQ being based in Holland.
At the moment, the group said, the taskforce is made up of representatives from the French, Italian, Spanish, Belgian and German agencies, as well as the UK’s Information Commissioner’s Office.
Full details of the taskforce’s plans for the investigation have not yet been made public, but a spokeswoman previously said the aim was to coordinate the approach taken by the European authorities.
It is likely to consider the way Uber dealt with the breach, which saw the firm attempt to cover it up by bunging $100,000 to the hackers, disguised as a bug bounty payment, in exchange for their silence.
The taxi biz’s actions have also been condemned by European justice commissioner Vĕra Jourová.
Speaking at a data protection conference in Brussels today, she said that the breach, and the fact Uber waited more than a year to 'fess up, was an example “of the privacy challenges we face in the digital age”.
Jourová added that the incoming General Data Protection Regulation would “allow us to respond adequately to such irresponsible behaviour”.
Uber has also been called out for other regulatory failings elsewhere, with Transport for London rejecting its application for a new licence, saying it was not “fit and proper” to hold one in the capital.
Meanwhile, The Financial Times reported yesterday that Uber’s latest quarterly results showed adjusted losses had widened to $734m, up 14 per cent on the previous quarter. ®
Sponsored: Becoming a Pragmatic Security Leader