Florida man, 20, responsible for Uber hack

Adjust Comment Print

A 20-year-old Florida man was responsible for the data breach at Uber last year, and was paid $100,000 to destroy the information, Reuters reported Wednesday.

Digging further into the issue, Uber disguised the payment as a bug bounty - despite paying more than 10 times the typical rate for the discovery of such a bug - and ran the payment through a company called HackerOne, which is used by a number of other tech companies for similar (legit) programs.

CEO of HackerOne Marten Mickos commented that he could not talk about the programs of individual customers.

Uber never revealed any information about the hacker or how it paid him the money, but it later confirmed that 2.7 million United Kingdom customers had their personal details stolen, as regulators stepped in to investigate the breach.

Tom Davies and Jonjoe Kenny enjoying Sam Allardyce's 'straightforward' approach at Everton
Ademola Lookman was on target twice as Everton crushed Apollon Limassol 3-0 in a dead-rubber Europa League clash on Thursday . Craig Shakespear will take charge of the team but it is not a team that many fans will recognise, even Everton fans.

But the firm caused much anger when it was revealed it had actually paid the hacker $100,000 to hide the information for over a year. The company directed him into the program and then used the process to uncover his identity.

Sources have now told Reuters that payment to the hacker was made through its bounty program, which monetarily rewards those who find bugs in the company's software and applications. Uber convinced the man to delete the data after sending him the money he demanded, and it also had him sign a nondisclosure agreement to prevent him from discussing the incident, according to the report.

One of those sources described the hacker as "living with his mom in a small home trying to help pay the bills".

Khosrowshahi said in a statement last month that the company suffered data breach in 2016 but he was informed only recently. They reported Uber's security team did not feel the need to further pursue action against an individual that they believed posed no further threat. He questioned why the affected individuals and regulators weren't made aware of the hack. "We are changing the way we do business". "I have always been a strong advocate for Uber's innovative technology, but if these revelations prove true, I am disgusted by this cover-up and Uber will be held accountable".

Comments