Former Uber security chief convicted for covering up 2016 data breach


Former Uber security chief Joe Sullivan was found guilty in federal court on Wednesday of covering up a 2016 data breach for more than a year. A jury rejected Sullivan’s argument that other Uber executives knew about the data breach and were responsible for not disclosing it publicly for more than a year, according to Bloomberg.

Sullivan was found guilty of obstructing justice by hiding the breach from the Federal Trade Commission and actively hiding a crime by authorizing payments to the hacker responsible, according to the Washington Post.

The 2016 Uber hack exposed the personal data of 57 million drivers and users from the ridesharing app, including names, email addresses, and driver’s license numbers.

The hack took place in October 2016 but was not publicly disclosed until November 2017. Uber learned of the data breach in November 2016 and paid $100,000 for the cyber thief to delete the information.

In September 2018, Uber entered into an agreement with all 50 US states and the District of Columbia to pay $148 million for failing to report the hack.

Uber did not immediately respond to a request for comment.

Uber was again hacked by cyber attacker last month, with Uber blaming Lapsus$ hacking groupwho has violated Microsoft, Cisco, Samsung, Nvidia, Okta and rock star games in 2022.

Uber said last month’s hack likely involved infecting a contractor’s personal device with malware when he accepted a verification notification, resulting in his credentials being exposed . The employee’s credentials were then likely purchased on the dark web. Uber says no personal data was compromised.


About Author

Comments are closed.