Joseph Sullivan also paid hackers $100,000 in Bitcoin.
Former Chief Security Officer at Uber, Joseph Sullivan has been charged with obstruction of justice after allegedly covering up a massive data breach that exposed private details of a whopping 57 million Uber accounts in October 2016.
The company was already walking on thin ice with numerous allegations pertaining to sexual harassment, federal criminal probes, and trade secret theft lawsuit. But the coup de grâce was the CSO’s deliberate efforts to conceal and mislead the data breach which also included profusely paying hackers $100,000 in Bitcoin via a bug bounty program.
According to the criminal complaint filed in the federal court, the perpetrator played a pivotal role in deluding vital facts of the incident. Uber Technologies Incorporated was hacked in September 2014. Whilst investigations ensued by the Federal Trade Commission (FTC) regarding the breach, Joseph Sullivan assisted by providing written responses and sworn testimony under oath.
See: Uber dismissive about security flaw that lets hackers bypass its 2FA
Approximately ten days after his testimony to the FTC, on November 14th, 2016, the CSO received an email from an attacker informing him about another breach. Instead of coming clean and as an attempt to cover the incident, the former CSO paid the hackers who demanded a six-figure payment.
He also instructed them to destroy the data. Not only this, but Sullivan sought a Non-Disclosure Agreement (NDA) with the attackers ostensibly asking them to deceptively claim no information or data had been b ..
Support the originator by clicking the read the rest link below.
