Osborne Clarke (OC) has advised Uber on the taxi-hailing company's fines totalling almost £1m from data protection authorities in both the UK and the Netherlands.

The fines follow a 2016 data breach that affected about 57 million Uber users globally, with hackers stealing the personal details – including full names, email addresses and phone numbers – of both customers and drivers.

The UK's Information Commissioner's Office (ICO) yesterday (26 November) handed Uber a £385,000 fine for failing to protect customers' personal information, while the Dutch Data Protection Authority concurrently imposed a €600,000 (£532,000) fine on Uber BV and overall parent company Uber Technologies Inc for breaching Dutch data laws.

It is understood that OC handled both the UK and Dutch law aspects involved in the incident, fielding teams out of both its UK and Amsterdam bases.

Uber has in the past turned to Hogan Lovells for advice on data and privacy matters, with the global firm having recently assessed the company's data privacy programme following the rollout of the GDPR in May this year. It also helped the company carry out an internal privacy probe in 2014.

An Uber spokesperson said: "We're pleased to close this chapter on the data incident from 2016. As we shared with European authorities during their investigations, we've made a number of technical improvements to the security of our systems both in the immediate wake of the incident as well as in the years since.

"We've also made significant changes in leadership to ensure proper transparency with regulators and customers moving forward. Earlier this year, we hired our first chief privacy officer, data protection officer, and a new chief trust and security officer. We learn from our mistakes and continue our commitment to earn the trust of our users every day."

Osborne Clarke declined to comment.