Advertisement

Uber will inform all Canadians whose data may have been compromised in 2016 breach

A photo illustration shows the Uber app logo displayed on a smartphone, as it is held up for a posed photograph.
A photo illustration shows the Uber app logo displayed on a smartphone, as it is held up for a posed photograph. REUTERS/Toby Melville/Illustration

Uber says it will inform all Canadians whose personal data may have been compromised in a 2016 breach after Alberta’s privacy commissioner ruled it must do so.

Company spokesperson Jean-Christophe de le Rue says while the company disagrees with the ruling, it will comply.

READ MORE: Uber reveals 2016 hack, reports say it paid $100,000 to cover up

Uber will email affected riders and drivers in the country over the next few days about the October 2016 breach that saw the theft of information from some 57 million accounts globally.

The company previously disclosed that 815,000 Canadian riders and drivers may have been affected.

Watch below: Uber reveals it was the victim of a hack

Click to play video: 'Uber reveals it was the victim of a hack'
Uber reveals it was the victim of a hack

The stolen information included names, email addresses and mobile numbers. The company said an internal investigation failed to identify any location history, credit card numbers, bank account numbers or birth dates were downloaded.

Story continues below advertisement

READ MORE: Uber paid 20-year-old Florida man to keep data breach secret

Get expert insights, Q&A on markets, housing, inflation, and personal finance information delivered to you every Saturday.

Get weekly money news

Get expert insights, Q&A on markets, housing, inflation, and personal finance information delivered to you every Saturday.
By providing your email address, you have read and agree to Global News' Terms and Conditions and Privacy Policy.

De Le Rue says that when Uber learned about the breach, it conducted a thorough investigation and notified Canadian privacy commissioners, fully co-operating with their investigations.

He says the company has seen no evidence of fraud or misuse tied to the incident and continues to monitor the affected accounts.

Uber plans to ask for a judicial review of the ruling because, in its view, the breach did not create a real risk of significant harm.

READ MORE: Uber hackers were located in Canada and Florida, company says

The office of the information and privacy commissioner of Alberta did not immediately respond to a request for comment.

In 2010, the province of Alberta became the first Canadian jurisdiction to require private-sector organizations, like Uber, to notify consumers of such breaches when “a real risk of significant harm” exists.

Sponsored content

AdChoices