Photo: DENIS CHARLET / AFP / Getty Images
Joe Sullivan, former Uber security chief, was found guilty of concealing a cyberattack recorded in the year 2016 where a hacker managed to access the personal information of 57 millions of app users.
Among the stolen information are names, email addresses and phone numbers of 50 million users and another 7 million drivers. In the case of the latter, it was learned that the hacker also had access to the license plate of some 600.000 Drivers.
Charges Filed against the former Uber employee include obstruction of justice, for not reporting the case to the Federal Trade Commission about the hack and the crime of cover-up because he hid a serious crime from the authorities.
Before your arrival at Uber Sullivan had held similar positions at Facebook and Cloudflare, for which he was recognized within the industry. This allowed him to work alongside the San Francisco federal prosecutor on some cybercrime cases. Coincidentally, this same prosecutor was in charge of prosecuting Sullivan’s case.
According to the investigations, the hacking of which Uber was a victim in 2016 occurred after two computer scientists who were browsing through Github, a web portal where developers can share their code with other experts in the area, found credentials that gave them access to Uber’s Amazon Web Services (AWS) storage. In practice, this meant being able to enter the company’s database without any type of security system.
Through this mechanism, said people were able to download the database backup, and then negotiate a ransom with the company in exchange for $80,000 in Bitcoin. In order to process the payment as discreetly as possible, Uber allegedly tried to disguise the transaction as part of a bug bounty program.
These individuals subsequently pleaded guilty to having unauthorized access to Uber’s internal systems.
Sullivan’s case represents an unprecedented event as it is the first time that an executive of a technology company is found guilty in a case associated with a hacking.
According to the prosecution, the former Uber security chief could face a sentence of up to eight years in prison. However, it is believed that he will most likely end up serving a much shorter sentence.
This may also interest you:
– Uber docs: the massive leak that reveals how Macron and other top politicians secretly favored the company
– Female passengers sue to Uber for alleged sexual offenses by their drivers
– Uber will begin to show your drivers how much money they will earn for each ride