Uber Technologies Inc. is the data controller. In summary, in the data breach notification submitted to the Personal Data Protection Board by:

• The data controller received an e-mail on July 2, 2024 from a person who revealed his intention to make personal data that may originate from Uber publicly available,
• It has not yet been determined when the data breach occurred and what the source of the breach was, and investigations are ongoing.
• Uber users (passengers and/or people ordering food) and/or drivers and/or delivery people are affected by the violation,
• Regarding the data affected by the breach;
  • It is anticipated that the screenshots of the data of Uber users (passengers and/or people ordering food) include name, e-mail address, phone number, profile photo, registration date and score information,
  • In terms of drivers and/or delivery people on the Uber platform, the data predicted to be affected by the violation; The screenshots contain data within the scope of documents such as driver's license, insurance, identity card, vehicle registration and checks within the scope of duty of care,

However, the affected personal data is not fully known at the moment,

• The number of people affected by the breach has not yet been determined.

information is included.

Although the investigation on the issue continues, with the Decision of the Personal Data Protection Board dated 10.07.2024 and numbered 2024/1161, it was decided to announce the data breach notification on the Authority's website.

Source of New: KVKK Public Announcement (Notification of Data Breach)