New details of Uber hack and bug bounty cover-up come to light

New details of Uber hack and bug bounty cover-up come to light

Uber revealed last month that hackers stole data on more than 57 million riders and drivers in October 2016.

The second person was paid by the Florida-based hacker to, among other services, access Github, a site used by programmers to store code, in order to gain credentials to access Uber data, it added.

But it would appear that Uber used its bug bounty as a means to pay-off the hacker, who a source described as "living with his mom in a small home trying to help pay the bills" and noted Uber didn't want to pursue any legal action due to perceiving the man as no longer posing a threat to it.

New Uber CEO Dara Khosrowshahi fired a pair of top Uber security officials when the company announced the incident, saying regulators should have been told when the breach was discovered, approximately one year prior.

The ride-hailing app paid the man, whose identity is still unknown, and an anonymous accomplice to delete the data through a "bug bounty" programme, according to Reuters. A former executive at the firm, Katie Moussouris, said that such a high payment would have been an "all-time record".

Security professionals said rewarding a hacker who had stolen data also would be well outside the normal rules of a bounty program, where payments are typically in the $5,000 to $10,000 range.

Martin Schulz seeks backing for grand coalition to end Germany crisis
Schulz, a former head of the European Parliament, said a pre-condition for entering such talks would be "an about-face in European policy".

50 new Hoenn Pokémon added to Pokémon Go
Local weather will be taken into account, changing the rates at which some Pokémon appear and powering up certain types. Announced on the company's Pokémon Go blog , the first major change will be the creation of a dynamic weather system .

Work begins to collect toys for children in need throughout Western Washington
Despite there not being a Toys for Tots program in Midland, other charities within the city have stepped forward. Fortunately, the task at hand is a lot easier than fighting a war - it is giving back through Toys for Tots.

The payment was made by Uber past year via a program that is created to reward different researchers who report company software flaws, said the sources. Reuters reported that even then-CEO Travis Kalanick, who left the company in June 2017 amid accusations of fostering a hostile and sexist work culture, was aware of the breach and was part of the effort to keep it a secret.

HackerOne CEO Marten Mickos said he could not discuss an individual customer's programs. They also analysed his machine to confirm that the data had been purged.

'The creation of a bug bounty program doesn't allow Uber, their bounty service provider, or any other company the ability to decide that breach notification laws don't apply to them, ' Moussouris said.

Sullivan and Clark did not respond to requests for comment.

Another three members of Uber's security subsequently resigned from their roles last week.

Related Articles

  • Messi wants Higuain for Argentina

    Messi wants Higuain for Argentina

    Messi, however, believes they should have celebrated at least two victories. "I understand Masche. The best thing is to play and enjoy yourself, and he doesn't think he'll get minutes here".
    'Games of Thrones' not returning until 2019, Sophie Turner says

    'Games of Thrones' not returning until 2019, Sophie Turner says

    And without Littlefinger (Petyr Baelish, played by actor Aidan Gillen), it's a test for her of whether she can get through it. Sansa Stark may want to watch her back, because she just dropped a big possible reveal about Game of Thrones' last season.
    Sexiest Asian Women 2017

    Sexiest Asian Women 2017

    The youngest one on the list was TV actor Shivangi Joshi, aged 19 while the oldest was Sridevi ranked at 49. The rest of the list include Drashti Dhami , Katrina Kaif, Shraddha Kapoor, Gauhar Khan and Rubina Dilaik.
  • Willing to extend deadline for linking Aadhaar to services: Centre tells SC

    Willing to extend deadline for linking Aadhaar to services: Centre tells SC

    They said the government could not compel citizens to link their Aadhaar with either bank accounts or cell phone numbers. The petitioners had alleged that Aadhaar linking violated their right to privacy and hence the practise be struct down.
    'Westworld, 'SWAT' Suspend Production Due to California Wildfires

    'Westworld, 'SWAT' Suspend Production Due to California Wildfires

    On Monday, " Westworld " and CBS's "S.W.A.T." ceased production as multiple wildfires burned in and around Los Angeles County. A representative at Sony Pictures Television, the studio behind "S.W.A.T.", also confirmed the production delay to CNN .
    Dallas County Sheriff Lupe Valdez to Run for Texas Governor

    Dallas County Sheriff Lupe Valdez to Run for Texas Governor

    Valdez's campaign said she will "officially notify" Dallas County commissioners of her decision to run for governor this morning. Houston investor Andrew White will declare his candidacy for the Democratic nomination for governor Thursday, Dec. 7.
  • Champions League: Manchester United target flops while fullback wanted by Chelsea thrives

    Champions League: Manchester United target flops while fullback wanted by Chelsea thrives

    Liverpool (if top): Bayern Munich, Juventus , Basel , Real Madrid , Shakhtar Donetsk, Napoli, Porto or RB Leipzig. Find out why Chelsea supporters could be anxious ahead of Monday's Champions League round of 16 draw...
    Largest Cryptocurrency Mining Market NiceHash Hacked

    Largest Cryptocurrency Mining Market NiceHash Hacked

    The company has confirmed that hackers have managed to steal some Bitcoins , although they have not given any details on how many. Cryptocurrency mining website NiceHash has suffered a security breach that has seen its Bitcoin wallet emptied.
    Amazon Prime Video now available on Apple TV

    Amazon Prime Video now available on Apple TV

    Amazon stopped selling Apple TV and Google Chromecast devices in 2015, a year after it launched Fire TV. They also both offer corporate cloud-computing services, a market where Amazon leads by a wide margin.
  • PUBG New Desert Map Gets Another New Weapon

    Miramar is a desert environment, a departure from the usual fields and forests of the original Erangel map. The new desert map is called Miramar , and it's ready for its first batch of contestants.
    Snow warning for Donegal comes into force later

    Snow warning for Donegal comes into force later

    The Met Office has issued an amber "be prepared" weather warning for northern Scotland on Thursday. North and North West counties will be most at risk, as well as higher ground elsewhere".
    Jennifer Lawrence 'afraid' of sexy scenes after nude photo hack

    Jennifer Lawrence 'afraid' of sexy scenes after nude photo hack

    The Hunger Games star continues, saying the disappointment of the movie failing has been hard to overcome. 'He was paternal to me. She continued to describe Weinstein as a "tough guy" and a "brute", but she maintained that she was unaware of his true persona.