Uber exec accused of disguising data-breach extortion as “bug bounty”
After the Federal Trade Commission began investigating a massive Uber data breach in 2016, the tech company was hit with another breach that was seemingly just as concerning. Rather than report the second data breach to the FTC and risk further public embarrassment, then-Uber security chief Joe Sullivan consulted with lawyers and then negotiated with the hackers. He allegedly set up a deal under which Uber paid the hackers a $100,000 "bug bounty" to delete the data, then pretended the data breach was part of a planned test of Uber's security and had the hackers sign a nondisclosure agreement.
Continue Reading https://arstechnica.com
Join the Discussion