Former Uber security chief is charged after ‘concealing hack’

Uber’s former chief security officer has been charged with allegedly trying to cover up a data breach that exposed the email and phone numbers of 57 million drivers and passengers. 

Federal prosecutors on Thursday charged Joe Sullivan, 52, with obstructing justice and concealing a felony in connection to the 2016 hack. 

Sullivan, who served as the company’s security officer from 2015 to 2017, is accused of taking ‘deliberate steps to conceal, deflect, and mislead’ the Federal Trade Commission, as well as his own colleagues, about the breach, authorities said. 

According to a criminal complaint filed in a California federal court, Sullivan had funneled hackers $100,000 in Bitcoin in December 2016 in exchange for their silence. 

The two hackers are alleged to have demanded the six-figure sum in an email to Sullivan informing him of the breach. 

They told the executive they had accessed and downloaded an Uber database containing personally identifying information.

The database included the drivers license numbers for approximately 600,000 people who drove for Uber, according to prosecutors.   

‘Concealing information about a felony from law enforcement is a crime,’ Deputy Special Agent in Charge Craig D. Fair said in a release. 

‘While this case is an extreme example of a prolonged attempt to subvert law enforcement, we hope companies stand up and take notice. 

‘Do not help criminal hackers cover their tracks. Do not make the problem worse for your customers, and do not cover up criminal attempts to steal people’s personal data.’ 

 

 

This story will be updated. More to come.