INSUBCONTINENT EXCLUSIVE:
Image copyrightAFPImage caption
Uber paid a massive settlement fee in the US after the 2016 breach
Uber
astray in the 2016 attack.The data had been stolen thanks to "avoidable data security flaws", said the Information Commissioner's
"This was not only a serious failure of data security on Uber's part but a complete disregard for the customers and drivers whose personal
information was stolen," said Steve Eckersley, director of investigations at the ICO.Uber had done nothing to alert people that data had
been downloaded or to support people affected, he added.Customers whose data had been stolen had been left at "increased risk of fraud", he
said.The details on 2.7 million customers were part of a massive cache of information on 57 million people taken by the hacker group in
nothing about it was "not an appropriate response to the cyber-attack", said Mr Eckersley.In response, Uber said it had changed how it
handled data since 2016 and now employed a chief privacy officer and a data protection head who oversaw its operations.It added: "We've made
a number of technical improvements to the security of our systems both in the immediate wake of the incident as well as in the years
since.""We're pleased to close this chapter on the data incident from 2016," it said.In the US, Uber paid $148m to settle federal charges
