Penalty against Uber (NL)

Penalty against Uber (NL)

In the fall of 2016, data from approximately 57 million customers were stolen, including approximately 174,000 Dutch. Uber concealed this incident and paid the attackers $ 100,000, – for assurances that the data will be deleted. The Dutch DPA imposed a fine of € 600,000 on the group as a result of the incident.

The incident occurred before the entry into force of the GDPR, so the fine was imposed under the Dutch Data Protection Act. As a result of this incident, the UK also imposed a fine of £ 500,000 on the company, which was the maximum penalty under the then UK Data Protection Act. France also imposed a fine of € 400,000.

Entscheidungsdatum:
27.11.2018

Land:
Netherlands

Art des Verstoßes:
Theft of Data

Betroffene Datensätze:
174 000

Waren sensible Daten betroffen?:
No

verhängte Geldstrafe:
€ 600,000,-

Quelle: