Uber fined in Romania for failing to notify data security incident


Romania’s National Supervisory Authority for Personal Data Processing fined the ride sharing service Uber with RON 200,000 (EUR 43,000) for failing to notify the authority about a security incident that may have affected the personal data of some 30,000 local clients, Profit.ro reported.

Uber also failed to notify the affected clients about this incident, according to the authority. The company challenged the sanction.

The security incident, which affected the personal data of some 57 million Uber users worldwide, occurred in 2016 but was only announced by the company in November 2017. The company said at that time that there was no indication that the clients’ trip location history, credit card numbers, bank account numbers, Social Security numbers or dates of birth were downloaded.

At the beginning of June, Uber sent an e-mail notification to all of its 30,000 users (passengers and drivers) in Romania affected by this incident.

Uber launches food delivery app Uber Eats in Bucharest

[email protected]

Romania Insider
Free Newsletters

Be up to speed with what’s happening in Romania! Choose from our 7 newsletters, covering the entire array of business, social, politics, and entertainment news

Subscribe now