Security News > 2020 > August > Ex-Uber chief security officer charged, accused of concealing a crime by paying hush money to hackers
As Uber's chief security officer, Joe Sullivan broke the law by hushing up the theft of millions of people's details from the app maker's databases by hackers, prosecutors say.
According to the government, the charges [PDF] stem from Sullivan's efforts to cover up the 2016 security breach at Uber in which miscreants siphoned from internal databases the personal information of 57 million passengers and 600,000 drivers, including their driving license details.
In 2017, Dara Khosrowshahi took over as chief exec of Uber, following the departure of Kalanick, and when he learned of the true nature of the database infiltration and payoffs, he promptly gave Sullivan and one of his fellow execs their marching orders, and went public with the security bungle.
"Concealing information about a felony from law enforcement is a crime," said Craig Fair, deputy special agent in charge at the FBI. "While this case is an extreme example of a prolonged attempt to subvert law enforcement, we hope companies stand up and take notice. Do not help criminal hackers cover their tracks. Do not make the problem worse for your customers, and do not cover up criminal attempts to steal people's personal data."
In 2018, Sullivan resurfaced at Cloudflare, again as chief security officer.
News URL
https://go.theregister.com/feed/www.theregister.com/2020/08/20/uber_sullivan_charges/