Britain’s Information Commissioners Office (ICO) and the Dutch Data Protection Authority (Dutch DPA) have both officially fined Uber a total of $1,170,892 USD for the failure to keep personal information of their citizens safe. Uber waited an entire year to disclose the breach that exposed names, email addresses, and phone numbers of 57 million customers as well as license numbers of 600,000 drivers. When the breach was first discovered, Uber paid the unknown hackers a $100,000  ransom to keep the incident a secret. The organization guaranteed its clients that other individual elements such as trip area history, charge card numbers, bank balance numbers, Social Security numbers or dates of birth, were not compromised in the breach. Uber was lucky that the breach happened prior to the EU’s GDPR was put into place or they could have been facing a fine of 17 million pounds ($21,661,026), or even 4 percent of its annual global revenue.