Uber Paid 20-Year-Old Florida Man to Keep Data Breach Secret

Megalith

Megalith

24-bit/48kHz
Staff member
Joined
Aug 20, 2006
Messages
13,000
A 20-year-old Florida man was responsible for the large data breach at Uber last year and was paid by Uber to destroy the data through a so-called “bug bounty” program normally used to identify small code vulnerabilities. Uber announced on Nov. 21 that the personal data of 57 million users, including 600,000 drivers in the United States, were stolen in a breach that occurred in October 2016, and that it paid the hacker $100,000 to destroy the information.

Uber made the payment last year through a program designed to reward security researchers who report flaws in a company’s software, these people said. Uber’s bug bounty service - as such a program is known in the industry - is hosted by a company called HackerOne, which offers its platform to a number of tech companies. Reuters was unable to establish the identity of the hacker or another person who sources said helped him.
 
So through a bug bounty program they publicly reward for a hacker found a bug that gave him access to all of this data and then UBER rewarded him for his finding then told him to destroy the data? I'm a bit confused if anything malicious actually happened?
 
Rahh said:
So through a bug bounty program they publicly reward for a hacker found a bug that gave him access to all of this data and then UBER rewarded him for his finding then told him to destroy the data? I'm a bit confused if anything malicious actually happened?
Click to expand...

There's no understanding "Florida Man".
 
The Florida man right-clicked 4chan.exe and ran as administrator and saw results.
 
https://arstechnica.com/information...ogram-to-launder-blackmail-payment-to-hacker/

Ahh, I was confused, basically, someone hacked Uber and to hide the transfer of money to the blackmailer in return for deleting the data, they did it through Uber's program to pay white hat hackers for finding security bugs. As the Arstechnica article notes, this is fucking bullshit for Uber to hide this happening in 2016, keeping it hidden till now (most likely revealed when new management took over from Kalanick), I blame Travis Kalanick and his management for being a pack of lying, unethical bastards. Absolute bullshit, and they get away scot free, and people suffer for no fucking reason and without any compensation. Sue the bastards then fine the bastards. Its pretty fucking obvious Uber's been pissing on everyone without remorse, regret or any semi-balance of ethics.
 
Happens all the time, we just never hear about it.

If the data was destroyed & there's legit no copy anywhere, and as they are a PRIVATE (non-government) entity, I applaud them for taking care of the issue with no malicious/negative consequences to the end-user.

Non-issue as far as this specific breach is concerned - but what have they done since to harden?
 
I had to pay $45K in taxes on that money too.
 
Yeah, so Uber needs to be financially responsible for life time protection for everyone's information that was stolen. On top of that executive officers need to go to jail over this.
 
this may look bad for uber.

but it finally vindicates Florida Man.

the worlds most misunderstood super hero.
 
You must log in or register to reply here.
Back
Top