David Woods

+44 (0)1733 887793 dvwoods@greenwoodsgrm.co.uk

View full profile →

John Macaulay

+44 (0)1733 887708 jmacaulay@greenwoodsgrm.co.uk

View full profile →

Taxi for the voluntary notification of Data Protection breaches!

Essentials / 28 November 2017

“Uber has confirmed its data breach in October 2016 affected approximately 2.7 million user accounts in the UK”, the Information Commissioner’s Office has announced. “We would expect Uber to alert all those affected in the UK as soon as possible.”

The breach involved names, mobile phone numbers and email addresses. “On its own”, says the ICO, “this information is unlikely to pose a direct threat to citizens. However, its use may make other scams, such as bogus emails or calls, appear more credible”.

It appears that the breach had been concealed at the time.

Under the GDPR, which comes into force on 25 May 2018, it is mandatory to notify a data breach in certain circumstances.

The ICO must be informed within 72 hours unless the breach is “unlikely to result in risk to individual(s)”.

The data subjects must be informed without undue delay where the breach is likely to result in high risk to individual(s).

Organisations are advised to put procedures in place to deal with a data breach if one should occur.

Please contact us if you require support with the new GDPR regulations.

Back to Our Thinking →

Get in touch with us

Interested in finding out more? Use this form to let us know how to contact you and what you’d like to know, and we’ll get back to you.

Alternatively, contact anyone listed on our website direct, they will be happy to hear from you.

  • This field is for validation purposes and should be left unchanged.