Relatable Uber Hacker Was Just Trying to Pay His Bills
The payment was funneled to the hacker through Uber's
The hacker wasn't a participant in the bug bounty program, Reuters reported, and instead emailed the company demanding money. Uber directed him into the bug bounty program and used the process to uncover the hacker's identity. The company then convinced him to delete the stolen data and sign a non-disclosure agreement about the incident.
Uber fired its chief security executive, Joe Sullivan, and another executive, Craig Clark, for their involvement in the arrangement with the hacker. "None of this should have happened, and I will not make excuses for it," Uber's CEO
Several states and cities have sued the company , claiming it violated local breach disclosure laws by not publicly revealing the breach. Uber settled with the Federal Trade Commission earlier this year over a 2014 data breach, and agreed to 20 years of privacy audits as part of that settlement.
[ Reuters ]