Uber will inform all Canadians whose data may have been compromised
Uber says it will inform all Canadians whose personal data may have been compromised in a 2016 breach after Alberta's privacy commissioner ruled it must do so.
Company spokesman Jean-Christophe de le Rue says while the company disagrees with the ruling, it will comply.
Uber will email affected riders and drivers in the country over the next few days about the Oct. 2016 breach that saw the theft of information from some 57 million accounts globally.
The company previously disclosed that 815,000 Canadian riders and drivers may have been affected.
The stolen information included names, email addresses and mobile numbers. The company said an internal investigation failed to identify any location history, credit card numbers, bank account numbers or birth dates were downloaded.
De Le Rue says that when Uber learned about the breach, it conducted a thorough investigation and notified Canadian privacy commissioners, fully co-operating with their investigations.
He says the company has seen no evidence of fraud or misuse tied to the incident and continues to monitor the affected accounts.
Uber plans to ask for a judicial review of the ruling because, in its view, the breach did not create a real risk of significant harm.
The office of the information and privacy commissioner of Alberta did not immediately respond to a request for comment.
In 2010, the province of Alberta became the first Canadian jurisdiction to require private-sector organizations, like Uber, to notify consumers of such breaches when "a real risk of significant harm" exists.
News from © Canadian Press Enterprises Inc. 2018
Most Popular Stories
4th Annual Mission 500 Hockey Classic
February 21, 2019
Security Career Expo
March 7, 2019
April 10-12, 2019
26th Annual ASIS Toronto Best Practices Seminar
April 17, 2019
Security Canada East
April 24, 2019
Security Canada Ottawa
May 8, 2019