From Bloomberg Law:
The world for in-house legal and cybersecurity professionals was turned upside down this week when a San Francisco jury returned a stunning verdict in a criminal case against Uber ex-security chief Joseph Sullivan.
Sullivan is a friend and former colleague. We worked together at eBay, when I was the company’s general counsel and he worked in trust and safety. I was at the courthouse Wednesday when the jury announced its verdict.
Sullivan was convicted on a pair of charges stemming from a 2016 breach, in which hackers stole the personal information of 57 million Uber app users. The hackers then contacted Sullivan by email to demand a ransom. He funneled them through the company’s established bug bounty program, paid them $100,000 for information regarding the security flaw, then led a companywide effort to find the hackers and fix the hole.
After discussing the matter with CEO founder Travis Kalanick, Sullivan followed the advice of Uber’s in-house privacy/security lawyer and concluded that it was not necessary to report the breach to authorities. That was a tragic mistake with wide ranging and serious implications for top lawyers and compliance and cybersecurity leaders across the business world.
Continue reading Uber Security Chief’s Conviction Raises Red Flags: Good Counsel on Bloomberg Law
Do you have a complaint about Uber or Uber Eats, such as overcharges or fraud? Take your claim to FairShake, the consumer advocacy service.