Uber paid 20-year-old Florida man to keep data breach secret

Uber hasn't identified the hacker it paid $100,000 to last year but Reuters reports its a 20-year-old man in Florida.                  Getty Images

Uber hasn't identified the hacker it paid $100,000 to last year but Reuters reports its a 20-year-old man in Florida. Getty Images

The unnamed hacker was paid $100,000 by Uber to destroy all the data he'd nicked back in October 2016, according to sources talking to Reuters, and was paid by the ride-hailing company through a "bug bounty" program. Uber allegedly paid hackers a $100,000 ransom to delete the data and not disclose what had happened to the media and public.

But it would appear that Uber used its bug bounty as a means to pay-off the hacker, who a source described as "living with his mom in a small home trying to help pay the bills" and noted Uber didn't want to pursue any legal action due to perceiving the man as no longer posing a threat to it.

The payment was made through a bug hunter scheme called HackerOne, created to reward security researchers who identify weaknesses and issues in a company's software. Reuters reported that even then-CEO Travis Kalanick, who left the company in June 2017 amid accusations of fostering a hostile and sexist work culture, was aware of the breach and was part of the effort to keep it a secret.

CEO Marten Mickos said that he could not comment on individual customers' programmes.

Furthermore, Reuters reports that "Uber made the payment to confirm the hacker's identity and have him sign a nondisclosure agreement to deter further wrongdoing".

Priyanka Chopra voted Sexiest Asian Woman, dethroning Deepika Padukone
One of TV's popular actresses Rubina Dilaik rounds off the top 10 list of "Sexiest Asian Women" 2017. Priyanka Chopra surely has become an global star now and her achievements say a lot of things.

W/Cup Last Opportunity For Current Argentina Team - Messi
We spoke about it through messages, it was a good thing that he had this period of absence. They reached the final at the 2014 World Cup in Brazil but suffered defeat to Germany.

Pokemon Go Claims That PvP and Trading Are Still Planned
This weather change will also influence the characteristics of Pokemon whose behavior changes with the weather. That said , there are six different weather types available clear, rain, cloudy, fog, snow, and windy.

If the payment was actually made via HackerOne bug bounty program, it was an unusual incident as it involved a hacker who stole data. 'In all cases when a bug bounty award is processed through HackerOne, we receive identifying information of the recipient in the form of an IRS W-9 or W-8BEN form before payment of the award can be made, ' he said, referring to U.S. Internal Revenue Service forms. Hopefully this will serve as a lesson to other companies going forward.

Mr. Khosrowshahi learned of the incident after becoming Uber's chief executive in August, and he's since terminated two employees implicated in its response, Joe Sullivan, Uber's former head of security, and a deputy, attorney Craig Clark.

The revelation has gotten the startup in hot water with regulators and prosecutors.

Last week, three more top managers in Uber's security unit resigned.

Latest News