Security News > 2020 > August > Former Uber CSO Charged Over 2016 Data Breach Cover-Up
The U.S. Department of Justice announced on Thursday that former Uber Chief Security Officer Joe Sullivan has been charged over his alleged role in the cover-up of the 2016 data breach that resulted in the information of millions of Uber drivers and users getting stolen by hackers.
During his time at Uber - he served as the company's CSO between April 2015 and November 2017 - the ride-sharing giant's systems were breached and the attackers managed to steal information belonging to 57 million users and drivers.
In an effort to cover up the breach, Uber paid the cybercriminals $100,000 through its HackerOne bug bounty program, instructing them to destroy the data.
The incident occurred in the fall of 2016, but it was only disclosed to the public roughly one year later, after Dara Khosrowshahi was appointed Uber's CEO. Sullivan was fired over his role in the handling of the breach and U.S. officials expressed discontent over how the incident was addressed, particularly since information was withheld from the FTC, which at the time was investigating a smaller cybersecurity incident suffered by the ride-sharing firm in 2014.
"The criminal complaint also alleges Sullivan deceived Uber's new management team about the 2016 breach. Specifically, Sullivan failed to provide the new management team with critical details about the breach," the Justice Department said.
News URL
Related news
- FTC orders Blackbaud to boost security after massive data breach (source)
- Verizon insider data breach hits over 63,000 employees (source)
- Data breach at French healthcare services firm puts millions at risk (source)
- Bank of America warns customers of data breach after vendor hack (source)
- Integris Health says data breach impacts 2.4 million patients (source)
- Insomniac Games alerts employees hit by ransomware data breach (source)
- 20 million Cutout.Pro user records leaked on data breach forum (source)
- Golden Corral restaurant chain data breach impacts 183,000 people (source)
- American Express credit cards exposed in vendor data breach (source)
- American Express credit cards exposed in third-party data breach (source)