In an unprecedented case, a former chief security officer for Uber Technologies was criminally charged on Thursday for trying to cover up the 2016 hacking that involved about 57 million customers and drivers of the ride-hailing company ‘S personal information was revealed.
UBER offers $ 24.99 per monthly discount member
The Justice Department accused 52-year-old Joseph Sullivan of obstructing justice, saying he took “deliberate steps” to prevent the Federal Trade Commission from knowing about the hack, while the agency was already protecting Uber in the wake of a glitch Was monitoring
|The anchor||Security||The last||Change||Change %|
|UBER||UBER Technologies Inc||31.41||1.99||+ 6.76%|
The case was believed to be the first time a corporate information security officer has been charged with concealing a hack.
Sullivan, himself a former federal prosecutor, arranged to pay hackers $ 100,000 under Uber’s program to reward security researchers who reported the flaws. This amount was by far the most Uber had paid through the reward program, which was not to cover the theft of sensitive data.
UBER laid off 3,700 workers in Coronavirus, CEO Wallace Salary
The former security chief at Facebook Sullivan now works as chief information security officer at Cloudfare.
In previous interviews, security staff said the purpose of the Uber payout was to force hackers into the open to accept money and ensure that driver’s license information on the data, particularly Uber contractors, was destroyed.
The complaint states that Sullivan had signed non-disclosure agreements stating that he had not stolen data. It alleges that the then CEO Travis Kalanick was aware of Sullivan’s actions.
A spokesman for Kalanick declined to comment. A Sullivan spokesperson said that he has worked with his colleagues on the matter and the matter has been disclosed by the legal department.
“If not for the efforts of Mr. Sullivan and his team, it is likely that the individuals responsible for the incident will never be identified,” spokesman Brad Williams said.
Kalanick’s successor as CEO – current Uber chief Dara Khosroshahi – revealed the payment, then fired Sullivan and a deputy after learning the extent of the breach. Uber then paid $ 148 million by all 50 US states and Washington, DC to settle claims that it had to slow down to uncover the hack.
The Uber case will resonate with a growing number of companies that deal directly with hackers.
Click Here To Get Fox Trade On The Go
Many have reward programs such as Uber, which are usually seen as a tool to improve security and provide incentives for hackers to stay within the law. But some participants do not play by the rules.
In the Uber case, the FBI noted, the two main hackers went on to attack other companies, which could be mediocre if the agency said Sullivan had gone into law enforcement before. Both have pleaded guilty and are awaiting sentence.
The case also states that hackers who pay to get rid of ransomware, malicious programs that encrypt their files, are not exempt from the requirements to report the loss of personally sensitive information.
Read more on Fox Business