Former Prime Minister Alfred Sant has asked the European Commission whether it has any information on the massive data breach on consumers by Uber and whether it planned to take formal action for the violation of EU legislation.

Uber experienced a massive data breach in October last year that included the personal information of 57 million consumers and drivers across the globe, including EU citizens.

According to recent news, instead of notifying the authorities or the individuals affected, Uber paid the hackers responsible for the original breach $100,000 to delete the data and cover up the breach in security.

Discovery of the US company’s cover-up of the incident resulted in the firing of two employees responsible for its response to the hack. Dara Khosrowshahi, who replaced co-founder Travis Kalnick as CEO in August, said he had only recently learned of this massive breach.

“What is the Commission’s view of practices which enable a company active in the digital and sharing economy to experience a data breach without informing clients or the relevant national authorities?” asked the Maltese MEP.

Dr Sant said that in light of EU legislation on measures applicable to the notification of personal data breaches as well as on privacy and electronic communications, Uber’s year-long cover-up was highly questionable.

This regulation specifies that when the breach of data can adversely affect the personal privacy of individuals, providers shall notify the individuals and this notification should be made no later than 24 hours after its detection.

Sign up to our free newsletters

Get the best updates straight to your inbox:
Please select at least one mailing list.

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.