Former Uber CSO Charged With Paying ‘Hush Money’ in 2016 Breach Cover-Up

Former Uber CSO Charged With Paying ‘Hush Money’ in 2016 Breach Cover-Up

Joseph Sullivan allegedly paid off $100K to the hackers responsible for a 2016 data breach, which exposed PII of 57 million passengers and drivers.

Joseph Sullivan allegedly paid off $100K to the hackers responsible for a 2016 data breach, which exposed PII of 57 million passengers and drivers.

A former Uber security executive has been charged for his role in the cover-up of a massive 2016 data breach, in which attackers accessed the company’s Amazon Web Services accounts and stole data associated with 57 million passengers and drivers.

The U.S. State Attorney for the Northern District of California has charged Palo Alto, Calif., resident Joseph Sullivan, 52, with obstruction of justice and misprision of a felony in connection with the attempted cover-up, which occurred when Sullivan was Uber’s chief security officer (CSO). The complaint alleges that Sullivan fraudulently paid off the hackers responsible via Uber’s bug bounty program.

United States Attorney David L. Anderson, who is prosecuting the case, castigated Sullivan’s alleged behavior in a press statement, saying that the state “will not tolerate illegal hush money payments.”

breach bitcoin bug bounty hackers joseph sullivan security

Bootstrap 5 Complete Course with Examples

Bootstrap 5 Tutorial - Bootstrap 5 Crash Course for Beginners

Nest.JS Tutorial for Beginners

Hello Vue 3: A First Look at Vue 3 and the Composition API

Building a simple Applications with Vue 3

Deno Crash Course: Explore Deno and Create a full REST API with Deno

How to Build a Real-time Chat App with Deno and WebSockets

Convert HTML to Markdown Online

HTML entity encoder decoder Online

Wormable Apple iCloud Bug Allows Automatic Photo Theft

Ethical hackers so far have earned nearly $300K in payouts from the Apple bug-bounty program for discovering 55 bugs, 11 of them critical, during a three-month hack. The wormable iCloud bug is a cross-site scripting (XSS) issue, according to the writeup.

Grindr's Bug Bounty Pledge Doesn't Translate to Security

At [email protected], Luta Security CEO Katie Moussouris stressed that bug bounty programs aren't a 'silver bullet' for security teams.

TikTok Launches Bug Bounty Program Amid Security SNAFUs

The move is a distinct change in direction for the app, which has been criticized and even banned for its security practices. To submit bugs to be evaluated under the program, researchers can use an online form, Wu said.

Facebook Debuts Bug Bounty ‘Loyalty Program’

Facebook bounty hunters will be placed into tiers by analyzing their score, signal and number of submitted bug reports — which will dictate new bonus percentages.

Apple Security Research Device Program Draws Mixed Reactions

Apple's Security Research Device program is now open to select bug bounty hunters.