Uber’s ex-CSO who hid data breach narrowly escapes prison

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
It’s human nature to want to conceal embarrassing stuff to make yourself look good. When it comes to work, it can be covering up your or your company’s slip-ups and mistakes in the hopes that no one will notice — an approach that reeks of unprofessionalism and will inevitably backfire, causing more problems or damage in the long run. This part of human nature is what prosecutors say led to the downfall of Joe Sallivan, the former chief security officer (CSO) of ride-hailing and food delivery company Uber.

On May 4, Sullivan was sentenced to three years of probation for obstruction of justice and felony cover-up related to the 2016 data breach. In that breach, two hackers accessed the personal information (names, email addresses, and phone numbers) of 57 million Uber riders and drivers, including the driver’s license numbers of approximately 600,000 drivers in the US. While data breaches of this magnitude are rare but not unheard of, what makes this case particularly interesting is that it’s the first time a company’s chief security officer faced criminal charges for mishandling it, with a real prospect of landing in jail.

Uber kept its customers and contractors in the dark about the breach for a year. This secrecy not only cost the firm some $148 million in fines, but, most importantly, robbed customers and drivers of the ability to take timely steps to protect themselves from identity theft, fraud, and other risks they faced as a result of the potential misuse of their data by hackers.
 

vtqhtr413

Level 26
Verified
Top Poster
Well-known
Aug 17, 2017
1,448
That one didn't come out to bad, here is one that doesn't sit well with me, IMO, this womans crime was exaggeration and some rich investors believed it. Remember the big pharma owners that clearly knew the pain drugs were addictive after they had sworn on their mother's grave they didn't know and I don't believe one of them went to prison.
 

Zero Knowledge

Level 20
Verified
Top Poster
Content Creator
Dec 2, 2016
841
I think what Uber CSO did was wrong but it's the right decision. He deserves punishment but not prison in this case, it wouldn't be justified.

I don't think it's about class theory or class per say, yes, he had good lawyers, but I think in the end there would be no net benefit of sending him to prison.

Remember the big pharma owners that clearly knew the pain drugs were addictive after they had sworn on their mother's grave they didn't know and I don't believe one of them went to prison.
The problem with big pharma with opiates is that they knew (much like cigarettes) that the product was addictive but pushed it anyway and denied it until the court settlements.

I think why big pharma execs haven't been sent to prison is the fact that people actually wanted and chose to take them (much like cigarettes), seek out opiates by doctor shopping or pharmacy shopping and when the scripts ran out, they bought them through the illicit marketplace or switched to heroin/fentanyl because it was cheaper.

Doesn't excuse the big pharma marketing campaign on opiates or the doctors who fuelled the current epidemic, both actors are equally responsible.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top