Uber infringed on the privacy of more than 1 million Australians in 2016, according to the Office of the Australian Information Commissioner (OAIC). Personal data of an estimated 1.2 million Australian customers and drivers was accessed from a breach in October and November 2016, Australia’s Information Commissioner and Privacy Commissioner Angelene Falk said on Friday that US-based Uber Technologies Inc and Dutch-based Uber B.V. failed to adequately protect it.
In late 2017, it was revealed that hackers had stolen data on 57 million Uber users throughout the world, as well as data on over 600,000 Uber drivers. Uber hid the breach for over a year and paid the hacker to keep it hidden instead of notifying individuals affected. OAIC said its investigation focused on whether Uber had preventative measures in place to secure Australians’ data, even though Uber compelled the attackers to destroy the data so that there was no evidence of future exploitation.