Uber‘s secret $100,000 pay-off to hackers to cover up a massive breach of customer and driver data at the ride-hailing firm raises “huge concerns” about its data policies and ethics, Britain’s data protection regulator said on Wednesday.
“Deliberately concealing breaches from regulators and citizens could attract higher fines for companies,” James Dipple-Johnstone, deputy commissioner of the UK Information Commissioner’s Office, said in a statement.
The maximum penalty is 500,000 pounds ($662,350.00) under current British law for organizations that fail to notify affected users and regulators when data breaches occur.
It should be noted that earlier this month, Uber announced a planned deal that would see a consortium led by SoftBank inject between $1 billion and $1.25 billion into the ride-hailing company.
Read More: SoftBank Backing May Nudge Uber Into the Southeast Asian Market
The new management of San Francisco-based Uber said on Tuesday that it had only learned recently that personal information from about Uber 57 million accounts had been stolen in 2016. Chief Executive Dara Khosrowshahi, who replaced co-founder Travis Kalanick as CEO in August, said the company had fired two senior security officials involved in the cover-up.
Read More: Uber’s CEO Comes From What May Be the World’s Most Techie Family
Uber said it was in the process of notifying various regulatory authorities but declined to comment further.