The taxi hailing app company concealed the cyber hack which included names, email addresses and phone numbers, as well as 60,000 US driver’s license numbers. Uber claims more sensitive information like credit card and bank details, were not compromised.
Under new European GDPR rules effective in the UK from May 2018, organisations will have just 72 hours to report such a breach and could face a fine of up to 4% of their global annual turnover.
GDPR will raise challenges for many businesses around how they protect their data in the first instance. As a repository for critical and personal data, MIGSOLV is already working with clients to ensure they’ve done all they can to keep regulators happy and their customer’s data safe.
Many businesses who hold and process personal data will need to appoint a Data Protection Officer and conduct new Data Protection Impact Assessments. MIGSOLV’s Gatehouse data centre in Norwich is already proving an asset as businesses begin to document the low-risk environment it provides.