News Ukraine
Latest news for today in Ukraine
WASHINGTON (Reuters) – A former chief security officer for Uber Technologies was criminally charged on Thursday with trying to cover up a 2016 hacking that exposed personal information of about 57 million of the ride-hailing company’s customers and drivers.
The U.S. Department of Justice charged Joseph Sullivan, 52, with obstruction, saying he took “deliberate steps” to keep the Federal Trade Commission from learning about the breach, including by communicating behind-the-scenes with the hackers and lying to keep top Uber executives in the dark.
Efforts to immediately locate a lawyer for Sullivan were unsuccessful.
Uber eventually discovered the hacking and disclosed it in Nov. 2017, the same month Sullivan was fired after 2-1/2 years as chief security officer, according to court papers.
The San Francisco-based company agreed the following September to pay $148 million to settle claims by all 50 U.S. states and Washington, D.C. which said it was slow to reveal the hacking.
Sullivan, of Palo Alto, California, was accused of funneling a payoff to the hackers through Uber’s “bug bounty” program, where a third party arranges payments to “white hat hackers” who flag security issues but have not compromised data themselves.
Prosecutors said Uber ended up paying the hackers, who initially sought a six-figure payout, $100,000 in bitcoin in December 2016, then “by far” its largest bug bounty payout, despite their refusal to identify themselves by name.
They also said Sullivan had the hackers sign non-disclosure agreements that falsely stated they had not stolen data.
“Silicon Valley is not the Wild West,” U.S. Attorney David Anderson in San Francisco said in a statement. “We will not tolerate corporate cover-ups. We will not tolerate illegal hush money payments.”
Source:www.reuters.com
