Today's Hard|Forum Post
Today's Hard|Forum Post

Thursday December 07, 2017

Uber Paid 20-Year-Old Florida Man to Keep Data Breach Secret

A 20-year-old Florida man was responsible for the large data breach at Uber last year and was paid by Uber to destroy the data through a so-called "bug bounty" program normally used to identify small code vulnerabilities. Uber announced on Nov. 21 that the personal data of 57 million users, including 600,000 drivers in the United States, were stolen in a breach that occurred in October 2016, and that it paid the hacker $100,000 to destroy the information.

News Image

Uber made the payment last year through a program designed to reward security researchers who report flaws in a company’s software, these people said. Uber’s bug bounty service - as such a program is known in the industry - is hosted by a company called HackerOne, which offers its platform to a number of tech companies. Reuters was unable to establish the identity of the hacker or another person who sources said helped him.

Discussion