Who’s been facing the EU regulator these days?

Huazhu Hotels Group has compromised the data of 130 million clients. Personal information and booking confirmations appeared to be on the market. The details of customers were found for sale on a dark web forum. 8 bitcoin or nearly US$56,000 for phone numbers, email addresses, bank accounts and booking details.

The investigation had been held but the outcome hasn’t been revealed yet.

The dark web is only a part of the deep web (money counterfeit, drug selling) not indexed by web search engines.

Huazhu owns above 10 hotel brands and manages around 3,800 hotels across almost 400 cities.

It took Cathay Pacific Airways 7 months to announce a data breach.

Personal details of 9,4 million passengers are reported to have been accessed by attackers in March. The customers are complaining about being consciously uninformed. Since GDPR requires all the breaches to be announced within 72 hours Cathay could have paid the punishment, but the leak is claimed to be discovered before the rule came into force.

403 expired credit card numbers and 27 credit card numbers with no card verification value were compromised, 860,000 passport numbers and 240,000 Hong Kong ID card numbers were affected.

Drivers claim that Uber won’t to disclose the personal data they use and consider during job allocation and making decisions regarding dismissal.

“Drivers are suspended and fired at will without due process, right of an appeal or even an adequate explanation,” comments James Farrar, founder and director of Worker Info Exchange.

“Uber have withheld information to which our clients are entitled by right,” says Ravi Naik of ITN Solicitors.

The requested data, including ratings and profile information which is accounted in Uber’s work allocation algorithms, has been retained or just partially given to the employees since July 2018.

The drivers couldn’t receive comprehensive and detailed respond concerning their profile details, driver and trip ratings, and how personal data is used in automated decision-making.

“Uber has automated the management function and hidden it in algorithms behind the digital curtain,” expands James Farrar.

Uber will appeal against the claim, stating that the company has breached the Article 15 of the GDPR, in the Supreme Court later this year.