(Reuters) Uber’s secret $100,000 (£75,468) pay-off to hackers to cover up a massive breach of customer and driver data raises “huge concerns” about its privacy policies and ethics, Britain’s data protection regulator said on Wednesday.
“Deliberately concealing breaches from regulators and citizens could attract higher fines for companies,” James Dipple-Johnstone, deputy commissioner of the UK Information Commissioner’s Office, said in a statement.
The maximum penalty is £500,000 under current British law for organisations that fail to notify affected users and regulators when data breaches occur.
Security officials fired
The new management of San Francisco-based Uber said on Tuesday that it had only learned recently that personal information from about Uber 57 million accounts had been stolen in 2016.
New chief executive Dara Khosrowshahi, who replaced co-founder Travis Kalanick as CEO in August, said the company had fired two senior security officials involved in the cover-up.
Uber said it was in the process of notifying various regulatory authorities but declined to comment further.