In
November, Uber CEO Dara Khosrowashahi revealed that the company’s
third-party server was compromised in October 2016 and the details of
about 57 million customers were leaked. This information was made public
after a report from Bloomberg claimed that Uber made a $100,000 payoff to destroy the hacked data.
In a related development, it has now been found that the hacker acting behind this breach is a 20-year-old man from Floria. As per a report by Reuters, the payment to the hacker was made via Uber’s bug bounty program hosted by HackerOne.
While the exact identity of the hacker hasn’t been revealed, it’s
being suspected that then-CEO Travis Kalanick was aware of the breach
and payment.
The most interesting part, which is hacker’s description according to a source — “Living with his mom in a small home trying to help pay the bills.” The hacker further paid a second person who offered his services in accessing GitHub to obtain credentials for accessing Uber’s data.
If the payment was actually made via HackerOne bug bounty program, it was an unusual incident as it involved a hacker who stole data. HackerOne’s CEO said that he couldn’t discuss an individual customer’s programs.
As per the report, Uber also conducted a forensic analysis of hacker’s machine to make sure that no traces of data were left behind. The company also didn’t want to pursue prosecution of a man who didn’t appear to pose a threat in future.
In a related development, it has now been found that the hacker acting behind this breach is a 20-year-old man from Floria. As per a report by Reuters, the payment to the hacker was made via Uber’s bug bounty program hosted by HackerOne.
The most interesting part, which is hacker’s description according to a source — “Living with his mom in a small home trying to help pay the bills.” The hacker further paid a second person who offered his services in accessing GitHub to obtain credentials for accessing Uber’s data.
If the payment was actually made via HackerOne bug bounty program, it was an unusual incident as it involved a hacker who stole data. HackerOne’s CEO said that he couldn’t discuss an individual customer’s programs.
As per the report, Uber also conducted a forensic analysis of hacker’s machine to make sure that no traces of data were left behind. The company also didn’t want to pursue prosecution of a man who didn’t appear to pose a threat in future.
No comments:
Post a Comment