France’s data protection agency said Thursday that it had fined the US ride-hailing group Uber 400,000 euros ($460,000) over a 2016 data breach that exposed the personal data of some 57 million clients and drivers worldwide.
Uber drew the wrath of users and regulators after the company waited a year before revealing in November 2017 that hackers had infiltrated its systems.
The French Data Protection Authority said the breach would have been prevented “if certain elementary security measures had been in place.”
Uber has already paid $148 million to US authorities to avoid a potentially embarrassing court case, and vowed to improve its security efforts.
Last month, the Netherlands imposed a 600,000-euro fine over the breach and Britain ordered Uber to pay 385,000 pounds ($490,000).
The company, which is widely expected to launch a public stock offering next year, has been trying to burnish its reputation after a series of scandals over executive misconduct and its competitive practices.