According to The Register, Joe Sullivan, Uber’s former chief security officer, has been found guilty of illegally covering up the theft of Uber drivers and customers’ personal information.
Sullivan, who had previously worked as a cybercrime prosecutor for the US Department of Justice, was accused of obstructing justice and misprision, which is the concealment of a felony from law enforcement, two years ago. On both charges, he was found guilty today.
On November 21, 2017, Uber CEO Dara Khosrowshahi released a statement admitting that adversaries had entered into the infrastructure of the app behemoth in late 2016 and stolen 57 million user and driver details. As a result, Sullivan and Craig Clark, the legal director of security and law enforcement, were sacked.
Court records state that Sullivan discovered the theft in November 2016, just ten days after testifying before the US Federal Trade Commission regarding a 2014 cyberattack against Uber. Sullivan attempted to cover up that 2016 heist by attempting to pass off a ransom payment made to the criminals to recover the data as a bug bounty award out of fear that the company would suffer from another data security breach.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.