Former Uber executives who paid a hush fee to hackers to hide the identity theft of 57 million people are sued


Tati Tata

Despite the fact that 57 million personal information of passengers and drivers using Uber were stolen by hackers, they did not disclose the information but rather paid a hush fee to hackers to hide the fact that they were stolen As a federal prosecutor, he sued Uber's former Chief Security Officer (CSO).

Former Chief Security Officer For Uber Charged With Obstruction Of Justice | USAO-NDCA | Department of Justice

Former Uber Exec Charged With Paying'Hush Money' to Conceal Data Breach :NPR

The case in question was Uber's identity theft by two hackers in November 2016. Hackers broke into Uber's database, stealing the personal information of 57 million passengers and drivers together. Joseph Sullivan, then CSO at Uber, asked the hackers to pay a 'hush fee' and not tell them that they stole the information. It was said that the hushing fee paid was 100,000 dollars (about 12 million yen at the rate at that time).

Former CSO Sullivan's cover-up work was unveiled in June 2017 under the new system with CEO Dara Kosuloshahi, who received after CEO Travis Karanik in June 2017.

Uber reveals the fact that it leaked personal information of 57 million passengers and drivers and paid hackers-GIGAZINE

By 5chw4r7z

In the complaint, former Sullivan CSO tried to pay the hacker with a hush fee in the form of a 'bug bounty program', the hush fee was paid by Bitcoin in December 2016, and the former Sullivan CSO told the hacker On the other hand, it was asked to sign a non-disclosure agreement containing a false expression that 'data was not acquired or stored'.

In addition, two hackers who stole data from Uber have admitted collusion of computer fraud in October 2019 and are waiting for a judgment.

in Note,   Security, Posted by logc_nt