Former Uber Executive Charged For Attempting To Hide 2016 Hack With Bribes
A former Uber executive has been charged by the Department of Justice with obstruction of justice over a 2016 data breach. Joseph Sullivan, the ride-share company’s director of security from April 2015 to November 2017, allegedly offered hush money to hackers in order to hide the breach from his superiors and from the Federal Trade Commission.
“Rather than report the 2016 breach, Sullivan allegedly took deliberate steps to prevent knowledge of the breach from reaching the FTC,” the DOJ said in a statement.
The hack occurred in October 2016 and exposed the sensitive personal information of 57 million Uber drivers and customers. Sullivan reportedly paid out $100,000 in bitcoin per the hackers’ demands in exchange for them deleting the data and keeping the incident quiet. The payment was made through a bug bounty program and Sullivan got the hackers to sign non-disclosure agreements. The hack occurred while Sullivan was helping the company investigate another data breach from 2014.
Sullivan faces up to five years in prison on the obstruction charge. He also faces a charge relating to his knowing concealment of a felony act, for which he faces up to three years in prison.
Sullivan's attorney Bradford Williams said in a statement to the Verge that the charges against his client had “no merit.” Williams further claimed that Sullivan worked in close contact with legal and communications teams at Uber and that these teams were the ones responsible for deciding how to disclose the matter.
“We continue to cooperate fully with the Department of Justice’s investigation,” an Uber spokesperson said in a statement. “Our decision in 2017 to disclose the incident was not only the right thing to do, it embodies the principles by which we are running our business today: transparency, integrity, and accountability.”
© Copyright IBTimes 2024. All rights reserved.