Adding to Uber’s already long list of legal complications is a probe by the European Union Privacy Regulators into the ride-hailing app company’s hidden data breach.
The European Union Privacy Regulators will discuss Uber’s massive data breach cover-up next week and could create a task-force to coordinate investigations. New Uber CEO Dara Khosrowshahi admitted that the company covered up a breach last year that compromised the data of about 57 million users.
The chairperson of the group European Data Protection Authorities, known as the Article 29 Working Party, said on Thursday that this data breach would be discussed at the group’s meeting on Nov. 28 and 29. While EU Data Protection Authorities cannot impose joint sanctions, they can, and most likely will, set up taskforces to coordinate national investigations.
Uber paid hackers $100,000 to keep secret the massive breach. The stolen information included names, email addresses and mobile phone numbers of Uber users around the world, as well as the names and license numbers of 600,000 U.S. drivers, Khosrowshahi said. Uber declined to comment on what countries may have been affected.
“We cannot but voice our strong concern for the breach suffered by Uber, which was reported belatedly by the U.S. company,” said Antonello Soro, president of the Italian Data Protection Authority, on Wednesday. “We initiated our inquiries and are gathering all the information that can help us assess the scope of the data breach and take the appropriate steps to protect any Italian citizens involved.”
The British Data Protection Authority also said the concealment of the breach raised “huge concerns” about Uber’s data policies and ethics.
Uber is already facing a possible ban on its operation in London. This probe by the European Union could have an effect on the company’s operation across Europe.