Uber hacker 'identified' as 20-year old Florida man

Share

Three people familiar with the incident said an unidentified Florida man contacted Uber after breaching a server in October and stealing information including the names and email addresses of ride-share users in the US and overseas, Reuters reported Wednesday.

But now three people familiar with the events have told Reuters that Uber used its so-called "bug bounty" program normally used to identify small code vulnerabilities, to pay off the hacker (said to be an unidentified 20-year-old man in Florida).

The ride-sharing company announced last month that a hacker had stolen the personal data of 57 million passengers and 600,000 drivers in October 2016. The rideshare company did not disclose any more information.

It is not clear who made the decision to pay the hacker and keep the breach quiet, though the different sources said that Travis Kalanick, the then-CEO had been aware of the data breach and the payment to the hacker in November of 2016. The company didn't say how the hacker was paid, or who he was.

Читайте также: U.S. wants NASA leader Raila Odinga to abandon his swearing-in plan

The payment was made by Uber a year ago via a program that is created to reward different researchers who report company software flaws, said the sources. The stolen data included personal information such as email addresses, names, and driver's license numbers. He stepped down as Uber CEO in June and has taken a vow of silence too.

In an August interview with Reuters, Sullivan, a former prosecutor and Facebook Inc security chief, said he integrated security engineers and developers at Uber "with our lawyers and our public policy team who know what regulators care about". The New York State Attorney General has opened an investigation into the incident, while the New Mexico Attorney General has sent Uber a letter asking for details of the hack and how the company responded. The bounty program is meant to reward security researchers who bring bugs to the company's attention so that a fix can be put into place.

Uber may also have broken a promise made in a Federal Trade Commission settlement not to mislead users about data privacy and security.

New CEO Dara Khosrowshahi said in November that Uber was wrong in covering it up, and said "We are changing the way we do business".

При любом использовании материалов сайта и дочерних проектов, гиперссылка на обязательна.
«» 2007 - 2017 Copyright.
Автоматизированное извлечение информации сайта запрещено.

Код для вставки в блог

Share