Uber’s former Chief Security Officer is currently at odds with the law after the authorities found out about what he did while working for the ride-hailing company back in 2016. Apparently, Joseph Sullivan decided to not involve the authorities when Uber was hacked and the criminals demanded $100,000 in Bitcoin.
The then CSO is alleged to have agreed to pay off the hackers through a fake bug bounty program and made sure that no information went out about the hack.
He even went ahead to make the criminals sign an NDA (Non-Disclosure Agreement) to make sure they didn’t reveal anything about the hack to anyone. The hackers had compromised confidential information of 57 million Uber users as well as license numbers of over 600,000 drivers working with Uber.
“Silicon Valley Is Not The Wild West”
John Sullivan now finds himself on the defense as the US DoJ (Department of Justice) dissects into the case. John is being charged with obstruction of justice – for not reporting the hack and colluding with the criminals to keep the secret.
According to the DoJ, the CSO was deliberate in his attempt to prevent the law from taking its course. US Attorney David Anderson, who seems to be involved with the case, was quoted as declaring that the government will not tolerate such hush-money payments. He went on to say that Silicon Valley is not the Wild West.
Not The First Case
This isn’t the first case of hackers demanding bitcoin ransom after compromising important data managed by large corporations.
Just recently, the corporate travel firm CWT negotiated and paid off hackers who had stolen critical company files. The University of California is also a recent victim of hackers who had to be paid $1 million after shutting down the institution’s servers.
However, these two cases had been reported to the authorities, and the negotiations and ransom payments adhered to the policies in place.