Uber has revealed that 2.7 million UK based customers and drivers were affected by a 2016 data breach that it covered up.
Common stolen information includes names, email addresses, phone numbers, and passwords.
The ICO had previously said it had huge concerns about the breach and are making an active investigation into the matter. A spokesman for the ICO said: "As part of our investigation we are still waiting for technical reports which should give full confirmation of the figures and the type of personal data that has been compromised" and "We would expect Uber to alert all those affected in the UK as soon as possible".
Uber not only sought to cover up the incident but also paid hackers $100,000 (£75,000) to delete the data they had stolen.
Stolen personal data is often used by scammers for the purpose of identity theft and hackers also make use of the data to access personal and business systems. Passwords are often easily decrypted and attackers can easily gain access to work or private accounts if that user had repeatedly used the password on multiple accounts.
Recent data suggests more than 99.99% of people have used a password on more than one account. If you're employees share their VPN or vital work passwords with any other service, then you are at risk of attackers gaining access. We have a solution that tracks data breaches and alerts the business and it's employees, if they have been victim to available data breaches for a lost cost of £10 per month. Click here to learn more about our data breach tracking services.