Uber gets Hefty Monetary Penalty over 2016 Cyber Assault

Uber had encountered a cyber-attack in 2016 which resulted in the exposure of data pertaining to innumerable customers and drivers to the attackers. For this mishap authorities have fined the car hiring company 385K pounds. The amount is not too different from 500K pounds the maximum fine possible that ICO (Information Commissioner's Office) levied on Facebook in connection with the website's failures over the Cambridge Analytica incident.

ICO's probe determined that the cyber-criminals employed a method called "credential stuffing" wherein hijacked pairs of usernames and passphrases are involved that are fed into online sites till the time the pairs match with the A/Cs on the platforms for acquiring admission into the data storage of the target entity, in this case Uber.

Uber's penalty is being levied at the time the company tries adjusting with London drivers with respect to their employment condition as well as the different benefits they're eligible for. During June, Uber was issued one fresh probationary license for a 15-month period so it could operate in London, capital of UK, following concerns transport regulators listed regarding the company's aggressive attitude along with passengers' safety. Thestar.com posted this, November 27, 2018.

According to United Kingdom's ICO, the Uber cyber assault demonstrated one severe infringement upon the 1998 Data Protection Act of the nation, wherein drivers and customers were exposed to dangers of fraudulent activity. According to the watchdog, Uber was being fined since it didn't report the hacking incident within 72-hrs the mandated time period in the country.

When the cyber assault took place during 2016, the General Data Protection Regulation law of the European Union, which took effect during May, couldn't be applied to it. The latest regulations are capable of raising fines for Uber like companies by a maximum of 4% of worldwide yearly incomes alternatively EUR 20m, one which would amount higher.

A representative of Uber stated that there was no clue of misuse or fraud in the aftermath of the incident. The company sacked Joe Sullivan the chief security officer along with a deputy and Craig Clark senior lawyer over seemingly concealing the truth.

» SPAMfighter News - 11/30/2018