It turned out that Uber’s former security manager paid $ 100,000 worth of Bitcoin to the hackers who hacked the platform in 2016. Director Joseph Sullivan is also accused of covering up what happened.
The US Department of Justice announced in a press release yesterday that Uber’s former chief security officer Joseph Sullivan was trying to cover up a 2016 attack that compromised the data of millions of users and drivers.
A criminal complaint has also been filed against Sullivan with the concept of preventing justice regarding hiding the hacking attack Uber Technology suffered. According to the information received, Sullivan, in addition to hiding the attack, also intentionally prevented the information from reaching the Federal Trade Commission (FTC).
It was also announced that the Uber Security Manager aims to pay hackers through a reward program. In the reward program, 3rd parties pay “well-intentioned hackers” who find the company’s deficit but do not evaluate it.
A spokesperson for Uber spoke to Forbes on the matter and said that they supported the Justice Authority’s investigation into the matter and continued to work with the institution. Stating that they did not break their stance on this issue by revealing this situation in 2017, the spokesperson said, “We have already demonstrated in 2017 that we act with our principles by revealing this issue. Transparency, integrity and taking responsibility are our biggest principles as a company. ” said.
Hackers have made a million dollar bill
It was stated that Sullivan, who worked as a security manager at Uber between 2015 and 2017, was secretly contacted by hackers via e-mail, and the attackers were informed that Sullivan issued a 6-zero bill. It was reported that the hackers had access to information belonging to 57 million Uber users and employees, including the driver’s license numbers of 600 thousand people. It was alleged that Sullivan knowingly and willingly tried to hide all these events from the Federal Trade Commission.
Uber paid in Bitcoin
Although the attackers disclosed their real name and did not return the data, they managed to get a payment from the company equivalent to $ 100,000 in Bitcoin. Sullivan also tried to get the hackers to sign a “no disclosure” agreement, but without success.
It is also seen that Sullvan, who is active on Twitter from time to time, attends conferences on “the responsibilities of the security manager and what he should do”.
The pirates, who were later identified by Uber, confessed to their crimes at the court in California on October 30, 2019 and were found guilty by the court. The penalties for the hackers have not been determined yet.