Uber had both the legal and social obligation to inform governments and customers of the attack
Source: OAK Consulting for Mimecast , Author: Posted by BI-ME staff
Posted: Thu November 23, 2017 12:24 pm

UAE.  Following on the news that taxi app company Uber admitted a data breach affecting 57 million customers and drivers from around the world and paid the hackers $100,000 to delete the stolen data,  Dan Sloshberg, cyber resilience expert, Mimecast commented.
“Uber had both the legal and social obligation to inform governments and customers of this attack, and the fact the company chose to pay hackers and hide the massive breach is shocking. Pretending that an attack hasn’t happened, or quietly paying attackers off only emboldens perpetrators further.

“With the General Data Protection Regulation (GDPR) coming into effect in May 2018, businesses must report breaches within 72 hours or face crippling fines much bigger than what Uber paid to hackers.

“Businesses need to realise that the impact of breaches can be very serious - with knock-on effects on the organisation itself, employees and customers. To combat threats and ensure they remain compliant ahead of the GDPR, organisations must invest in minimising their risk appropriately with an appropriate cyber resilience strategy.

"This should also include a plan if something does go wrong.”

Photo Captions:
1. (above)  Dan Sloshberg, cyber resilience expert, Mimecast
2. (inset)  For illustrative purposes only (File photo)



date:Posted: June 22, 2018
Bain & Company's spring luxury update highlights four trends shaping the personal luxury goods market in 2018 and beyond.
date:Posted: June 21, 2018
INTERNATIONAL. Private sector can be an important partner in meeting US$320 billion in oil and gas investment, Crescent Petroleum CEO tells OPEC seminar.
date:Posted: June 18, 2018
UAE. 24% of Middle Eastern entrepreneurs are motivated by social impact and view it as their top priority as a business owner; 66% are undertaking angel investing.