The peer-to-peer ridesharing app was fined the whopping amount in costs this week after a 2016 hacking scandal left 2.7 million UK customers with their full names, phone numbers, and addresses in the hands of the hackers.
According to the BBC, the Information Commissioner's Office (ICO) said the data had been stolen thanks to "avoidable data security flaws", and fined the company over a lack of security systems.
Steve Eckersley, director of investigations at the ICO, said: "This was not only a serious failure of data security on Uber's part but a complete disregard for the customers and drivers whose personal information was stolen."
At the time of the attack, Uber did nothing to alert people that data had been downloaded or to support people affected, but later paid the hackers £78,400 to destroy the data they took.
But Mr. Eckersley says paying the hackers and then saying nothing about it was "not an appropriate response to the cyber-attack."
In response, Uber has now changed how it handles its data, and employs a chief privacy officer and a data protection head who oversee its operations.
They said: "We've made a number of technical improvements to the security of our systems both in the immediate wake of the incident as well as in the years since.
"We're pleased to close this chapter on the data incident from 2016."
Uber were also recently fined 600,000 euros by data regulators in Holland over the same breach, as it also affected 174,000 Dutch customers.