OAIC: Uber failed to protect personal data of Australians
Uber did not take reasonable steps to protect Australians’ personal information from unauthorised access, says Australia’s national privacy watchdog
Share this item with your network:
By
Published: 26 Jul 2021 3:30
Uber had failed to protect the personal data of 1.2 million Australian customers and drivers, which was accessed in a cyber attack in October and November 2016, Australia’s privacy watchdog has found.
The determination follows detailed investigations into US-based Uber Technologies and Dutch-based Uber B.V. which involved significant jurisdictional matters and complex corporate arrangements and information flows.
While Uber required the attackers to destroy the data and there was no evidence of further misuse, the investigation by the Office of the Australian Information Commissioner (OAIC) focused on whether Uber had taken preventative measures to protect Australians’ data.