Jaap Arriens | NurPhoto | Getty Pictures)
A former Uber govt was charged Thursday in federal court docket on allegations that he organized to pay hackers $100,000 to cowl up a high-tech heist that stole the non-public details about 57 million of the ride-hailing service’s customers and drivers throughout 2016.
Two hackers pleaded responsible within the scheme final 12 months and are awaiting sentencing. The legal criticism filed Thursday towards Joseph Sullivan, Uber’s former chief safety officer, alleges that the hackers shared the info with a 3rd particular person — who should have it.
Sullivan, 52, beforehand served as an assistant U.S. lawyer in a Pc Hacking and IP Unit. He labored in the identical federal prosecutor’s workplace that introduced the fees towards him.
Sullivan, who lives in Palo Alto, California, was additionally beforehand employed by Fb, eBay and PayPal. He was a member of the federal Fee on Enhancing Nationwide Cybersecurity beneath President Barack Obama.
Bradford Williams, a spokesman for Sullivan who additionally beforehand labored for eBay, mentioned in a press release there may be “no advantage” to the fees.
“If not for Mr. Sullivan’s and his staff’s efforts, it is probably that the people chargeable for this incident by no means would have been recognized in any respect,” the assertion mentioned. “From the outset, Mr. Sullivan and his staff collaborated intently with authorized, communications and different related groups at Uber, in accordance with the corporate’s written insurance policies. These insurance policies made clear that Uber’s authorized division — and never Mr. Sullivan or his group — was chargeable for deciding whether or not, and to whom, the matter needs to be disclosed.”
Sullivan’s fees got here on the identical day as a California appeals court docket allowed Uber and Lyft to proceed treating their drivers as unbiased contractors within the state in a choice that may give the 2 corporations just a few extra months to guard their enterprise fashions in a key market.
The allegations of a cover-up served as yet one more reminder of Uber’s sordid previous beneath the management of its co-founder Travis Kalanick, who stepped down beneath stress in 2017. Since then, Uber has been run by Dara Khosrowshahi, who has beforehand apologized for the San Francisco firm’s previous conduct beneath his predecessor. Prosecutors mentioned Uber cooperated with its investigation that led to the fees towards Sullivan.
The case is being introduced by the identical U.S. lawyer who received a legal conviction towards a former Google engineer sentenced to 18 months in federal jail earlier this month after pleading responsible to stealing commerce secrets and techniques earlier than becoming a member of Uber’s effort to construct robotic autos. There was by no means any proof that he used Google’s commerce secrets and techniques whereas overseeing Uber’s self-driving automobile division.
Sullivan has not but been arraigned in federal court docket in San Francisco. He faces as much as eight years in jail, in addition to $500,000 in fines, if he’s convicted of obstruction of justice and misprision of a felony, a cost that alleges he intentionally hid the fee of against the law.
“Silicon Valley just isn’t the Wild West,” U.S. Legal professional David Anderson mentioned in a information launch. “We count on good company citizenship. We count on immediate reporting of legal conduct. We count on cooperation with our investigations. We won’t tolerate company cover-ups. We won’t tolerate unlawful hush cash funds.”
Within the wake of a 2014 hack that was beneath investigation by federal officers, Uber met — at Sullivan’s alleged directions — the brand new hackers’ 2016 demand with the $100,000 Bitcoin cost, prosecutors alleged. Sullivan then, prosecutors say, had the hackers signal non-disclosure agreements — twice — which included a false illustration that they’d not taken or saved any knowledge.
Sullivan allegedly hid the cost via what’s generally known as a “bug bounty” program, the place so-called “white hat” hackers are paid in the event that they level out safety issues however don’t compromise any knowledge.
Uber’s administration “in the end found the reality,” regardless of Sullivan’s alleged efforts to hide it, the U.S. lawyer’s workplace says, and publicly introduced the breach in November 2017. Sullivan was fired.
Prosecutors allege the hackers won’t have infiltrated different corporations if Sullivan had correctly reported Uber’s incident.
#Uber #exec #charged #hacking #coverup #prosecutors