Clarkslegal LLP - Solicitors in Reading and London

Legal Updates

Uber facing large fine as a result of data breach

01 December 2017 #Employment #Data Protection

Uber has recently admitted that it concealed a cyberattack that exposed the data of 57 million customers and drivers in October 2016, including names, email addresses and mobile phone numbers. The breach was hidden by the firm, which paid hackers US $100,000 (approx. £75,000) to delete the data.

Last week, the ICO confirmed UK citizens have been affected by the breach. It stated Uber’s admission “raises huge concerns around its data protection and policies,” and that “deliberately concealing breaches from regulators and citizens could attract higher fines for companies.” The National Cyber Security Centre (NCSC) also said companies must report any cyberattack “immediately.” The ICO announced it is working with the NCSC to determine the exact scale of the breach, and what steps Uber will need to take to comply with its data protection obligations.

The GDPR makes it mandatory for organisations to report breaches to the ICO and individuals within 72 hours (where feasible) of a breach, unless the breach is unlikely to result in a risk to the rights and freedoms of natural persons. Clearly, organisations should not attempt to conceal any issues, as this may result in increased fines and, more significantly, negative publicity.

Uber was previously fined £20,000 by the ICO for failing to disclose a less serious breach in 2014. Due to the scale of the breach, its repeated offending and the way in which it was handled, it is likely the consequences will be much more severe this time around.

Clarkslegal, specialist Employment lawyers in London, Reading and throughout the Thames Valley.
For further information about this or any other Employment matter please contact Clarkslegal's employment team by email at by telephone 020 7539 8000 (London office), 0118 958 5321 (Reading office) or by completing the form on this page.
This information is for guidance purposes only and should not be regarded as a substitute for taking legal advice. Please refer to the full General Notices on our website.

Read more articles

Helen Beech

Helen Beech

T: 0118 9604 639
M: 07747 620 379


Employment team
+44 (0)118 958 5321