Reading:
Multiple British intelligence and law enforcement agencies to investigate Uber hack and cover-up
Share:
uber data breach

Data Leak Lawyers - Begin Your Data Breach Claim Today!

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Multiple British intelligence and law enforcement agencies to investigate Uber hack and cover-up

Uber recently admitted to a historic data breach that compromised personal data belonging to some of its 57 million users and drivers worldwide. With six million of those users in the U.K., a significant number of people in Britain are expected to be potentially at risk of further criminal activity like fraud and digital harassment.

To make matters worse, the breach happened a year ago in October 2016, but instead of telling the authorities, Uber decided to ‘handle it’ by finding the hackers and paying them off to keep quiet.

Crime and security agencies involvement

The seriousness of the breach has prompted several British intelligence and law enforcement agencies to investigate the damage. The U.K.’s National Cyber Security Centre (NCSC) are conducting an inquiry into the breach, and as part of the GCHQ intelligence service, they will be focused on the extent of the breach; Uber’s failure to disclose it; and the steps it took to potentially cover it up.

The National Crime Agency (NCA) are set to be involved in the probe as well, which suggests the hackers may have been based here in the U.K.

Regulator involvement

The Information Commissioner’s Office (ICO) as the U.K.’s data protection watchdog will be investigating Uber’s data breach. ICO deputy commissioner, James Dipple-Johnstone, said that Uber’s actions:

“…raises huge concerns around its data protection policies and ethics.”

He continued to talk about Uber’s responsibility to disclose the breach if U.K. citizens are affected by it so appropriate steps can be taken to protect victims.

The ICO has the power to fine the company up to £500,000 for violating data protection laws. Uber will no doubt be under serious scrutiny as a result of their efforts to conceal the breach and keep it hidden for a year or so.

Local government

London Mayor, Sadiq Khan, expressed his concerns over the breach, especially as it came just before Uber was set to appeal the legal decision revoking their licence to operate in London. Uber had its licence revoked earlier this September by Transport for London (TfL) after it deemed the alternative taxi service “not fit and proper” because of a number of issues.

TFL noted that the car sharing company lacked “corporate responsibility.”

The decision to silence the breach

The former head of security at Uber, Joe Sullivan, reportedly made the call to silence the hackers and sweep the breach under the carpet. Along with his deputy, instructions were apparently made to perceive that the breach conducted by the hackers was controlled and deliberate by pretending the hackers were employed to conduct penetration testing to check Uber’s security systems. Sullivan and his deputy have lost their jobs over the scandal but authorities may have more to say in regards to any alleged legal misconduct.

The NCSC has tweeted a message to Uber users and drivers, urging them to take steps in order to protect themselves:

– Immediately change passwords you used with Uber;
– Be alert to phishing emails;
– Be vigilant to potential scam calls;
– Do not feel obliged to delete the app;
– Contact Action Fraud if you think you have been a victim.

Uber has admitted that it told a potential investor, SoftBank Group Corp, about the breach prior to coming clean with the public. A statement by Uber says:

“We informed SoftBank that we were investigating a data breach, consistent with our duty to disclose to a potential investor, even though our information at the time was preliminary and incomplete.”

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy
SRA
Contact
www.dataleaklawyers.co.uk is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon