Uber’s former Chief Security Officer (CSO) Joseph Sullivan has been charged with paying $100,000 in bitcoin to cover up for a massive data breach.
According to a report by Forbes August 20, Sullivan allegedly attempted to hide a hack in 2016 that compromised the data of millions of Uber users and drivers. A criminal complaint by the Department of Justice charged Sullivan with obstruction of justice with the attempted cover-up.
The DoJ press release outlined how Sullivan allegedly took deliberate steps to prevent knowledge of the data breach from reaching the Federal Trade Commission (FTC). Sullivan initially attempted to pay off the hackers by funneling money through a bug bounty program.
Between April 2015 and November 2017, during Sullivan’s tenure as Uber’s CSO, two hackers contacted him vial email and demanded a six-figure payment in exchange for their silence. The hackers had managed to download Uber’s database containing the personal information of approximately 57 million users and drivers, including drivers’ license numbers.
The report claims Uber paid the hackers $100,000 in bitcoin in December 2016 and attempted to have the anonymous figures sign non-disclosure agreements. The agreements contained a false representation of the situation, stating the hackers had not taken or stored any data.
A spokesperson for Uber told Forbes,
We continue to cooperate fully with the Department of Justice’s investigation. Our decision in 2017 to disclose the incident was not only the right thing to do, it embodies the principles by which we are running our business today: transparency, integrity, and accountability.
Featured Image Credit: Photo via Pixabay.com