Security News > 2022 > October > Former Uber CSO convicted of covering up megabreach back in 2016

Former Uber CSO convicted of covering up megabreach back in 2016
2022-10-06 18:04

Joe Sullivan, who was Chief Security Officer at Uber from 2015 to 2017, has been convicted in a US federal court of covering up a data breach at the company in 2016.

We first wrote about the breach behind this widely-watched court case back in November 2017, when news about it orignally emerged.

The Amazon servers thus breached revealed personal information on more than 50,000,000 Uber riders and 7,000,000 drivers, including driving licence numbers for about 600,000 drivers and social security numbers for 60,000.

The 2016 breach was kept quiet until 2017, when new management at Uber uncovered the story and admitted to the incident.

From a regulatory point of view, of course, Uber ought to have reported this breach right away in many jurisdictions around the world, rather than hushing it up for more than a year.

Uber has confirmed its data breach in October 2016 affected approximately 2.7 million user accounts in the UK. Uber has said the breach involved names, mobile phone numbers and email addresses.


News URL

https://nakedsecurity.sophos.com/2022/10/06/former-uber-cso-convicted-of-covering-up-megabreach-back-in-2016/