audreyh1
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
This really blew my mind! Wow!
So - Uber pays hackers $100K to supposedly delete stolen data (right!) and not tell anyone about it. Oh yeah - and forget letting their customers, drivers, or authorities know. What kind of mentality does that company have?!?!?
They tracked down the hackers and made them sign NDAs instead of turning them over to authorities?!?!?
https://www.wired.com/story/uber-paid-off-hackers-to-hide-a-57-million-user-data-breach/
Also
So - Uber pays hackers $100K to supposedly delete stolen data (right!) and not tell anyone about it. Oh yeah - and forget letting their customers, drivers, or authorities know. What kind of mentality does that company have?!?!?
They tracked down the hackers and made them sign NDAs instead of turning them over to authorities?!?!?
On Tuesday, Uber revealed in a statement from newly installed CEO Dara Khosrowshahi that hackers stole a trover of personal data from the company's network in October 2016, including the names and driver's license information of 600,000 drivers, and worse, the names, email addresses, and phone numbers of 57 million Uber users.
As bad as that data debacle sounds, Uber's response may end up doing the most damage to the company's relationship with users, and perhaps even exposed it to criminal charges against executives, according to those who have followed the company's ongoing FTC woes. According to Bloomberg, which originally broke the news of the breach, Uber paid a $100,000 ransom to its hackers to keep the breach quiet and delete the data they'd stolen. It then failed to disclose the attack to the public—potentially violating breach disclosure laws in many of the states where its users reside—and also kept the data theft secret from the FTC.
https://www.wired.com/story/uber-paid-off-hackers-to-hide-a-57-million-user-data-breach/
Also
https://www.nytimes.com/2017/11/21/technology/uber-hack.html?_r=0The two hackers stole data about the company’s riders and drivers — including phone numbers, email addresses and names — from a third-party server and then approached Uber and demanded $100,000 to delete their copy of the data, the employees said.
Uber acquiesced to the demands, and then went further. The company tracked down the hackers and pushed them to sign nondisclosure agreements, according to the people familiar with the matter. To further conceal the damage, Uber executives also made it appear as if the payout had been part of a “bug bounty” — a common practice among technology companies in which they pay hackers to attack their software to test for soft spots.