Uber paid 20-year-old Florida man to keep data breach secret

Uber paid to keep data breach secret: report

20-year-old Florida man was behind Uber hack: report

The unnamed hacker was paid $100,000 by Uber to destroy all the data he'd nicked back in October 2016, according to sources talking to Reuters, and was paid by the ride-hailing company through a "bug bounty" program. Uber allegedly paid hackers a $100,000 ransom to delete the data and not disclose what had happened to the media and public.

But it would appear that Uber used its bug bounty as a means to pay-off the hacker, who a source described as "living with his mom in a small home trying to help pay the bills" and noted Uber didn't want to pursue any legal action due to perceiving the man as no longer posing a threat to it.

The payment was made through a bug hunter scheme called HackerOne, created to reward security researchers who identify weaknesses and issues in a company's software. Reuters reported that even then-CEO Travis Kalanick, who left the company in June 2017 amid accusations of fostering a hostile and sexist work culture, was aware of the breach and was part of the effort to keep it a secret.

CEO Marten Mickos said that he could not comment on individual customers' programmes.

Furthermore, Reuters reports that "Uber made the payment to confirm the hacker's identity and have him sign a nondisclosure agreement to deter further wrongdoing".

MI county without active Toys for Tots program
A Kansas City charity is appealing for toys so that each of the more than 500 children it serves can have a Christmas gift. You can always drop off toys or donations at any time to the Toys for Tots headquarters at Beckley Auto Mall.

You can purchase PUBG's Warrior Pack right now on Xbox One
The Xbox version of PlayerUnknown's Battlegrounds launches next week , and console owners are excited to get their hands on it. Excitement intensified went it was reported in the magazine Games that developers had achieved a 60fps frame rate.

Harvey Weinstein was like a father to me: Jennifer Lawrence
If I'm on this commission, and [if] I get an email about somebody being treated badly on a set, I can send an email. So I needed a moment to process everything because I thought I knew this guy, and then he's being accused of rape.

If the payment was actually made via HackerOne bug bounty program, it was an unusual incident as it involved a hacker who stole data. 'In all cases when a bug bounty award is processed through HackerOne, we receive identifying information of the recipient in the form of an IRS W-9 or W-8BEN form before payment of the award can be made, ' he said, referring to U.S. Internal Revenue Service forms. Hopefully this will serve as a lesson to other companies going forward.

Mr. Khosrowshahi learned of the incident after becoming Uber's chief executive in August, and he's since terminated two employees implicated in its response, Joe Sullivan, Uber's former head of security, and a deputy, attorney Craig Clark.

The revelation has gotten the startup in hot water with regulators and prosecutors.

Last week, three more top managers in Uber's security unit resigned.

Latest News