U.S. charges former Uber security chief with covering up massive 2016 hacking
By Jonathan Stempel WASHINGTON (Reuters) - A former chief security officer for Uber Technologies was criminally charged on Thursday with trying to cover up a 2016 hacking that exposed personal information of about 57 million of the ride-hailing company's customers and drivers. The U.S. Department of Justice charged Joseph Sullivan, 52, with obstruction, saying he took 'deliberate steps' to keep the Federal Trade Commission from learning about the breach, including by communicating behind-the-scenes with the hackers and lying to keep top Uber executives in the dark.
By Jonathan Stempel
WASHINGTON (Reuters) - A former chief security officer for Uber Technologies
The U.S. Department of Justice charged Joseph Sullivan, 52, with obstruction, saying he took "deliberate steps" to keep the Federal Trade Commission from learning about the breach, including by communicating behind-the-scenes with the hackers and lying to keep top Uber executives in the dark.
Efforts to immediately locate a lawyer for Sullivan were unsuccessful.
Uber eventually discovered the hacking and disclosed it in Nov. 2017, the same month Sullivan was fired after 2-1/2 years as chief security officer, according to court papers.
The San Francisco-based company agreed the following September to pay $148 million to settle claims by all 50 U.S. states and Washington, D.C. which said it was slow to reveal the hacking.
Sullivan, of Palo Alto, California, was accused of funneling a payoff to the hackers through Uber's "bug bounty" program, where a third party arranges payments to "white hat hackers" who flag security issues but have not compromised data themselves.
Prosecutors said Uber ended up paying the hackers, who initially sought a six-figure payout, $100,000 in bitcoin in December 2016, then "by far" its largest bug bounty payout, despite their refusal to identify themselves by name.
They also said Sullivan had the hackers sign non-disclosure agreements that falsely stated they had not stolen data.
“Silicon Valley is not the Wild West," U.S. Attorney David Anderson in San Francisco said in a statement. "We will not tolerate corporate cover-ups. We will not tolerate illegal hush money payments."
(Reporting by Jonathan Stempel in New York and Eric Beech in Washington, D.C.; Editing by Mohammad Zargham and Aurora Ellis)
This story has not been edited by Firstpost staff and is generated by auto-feed.
Pulitzer Prize-winning photojournalist Danish Siddiqui killed in Afghanistan: Politicans, journalists pay tributes
The Pulitzer prize winner, who was in Kandahar covering operations against Taliban, was killed when he was riding along with the Afghan Special Forces
Siddiqui had also covered the 2020 Delhi riots, COVID-19 pandemic, Nepal earthquake in 2015 and the protests in Hong Kong
Danish's photographs were not just documentation, but the work of someone who went down to eye-level, as they say in photographic parlance.