"Uber's former Chief Security Officer competes with Roger Stone for criminal incompetence"

Violet Blue:

I was pretty excited to find out on August 20 that some criminals apparently skipped the long line of people waiting to hack Uber and instead just decided to work there. I'm talking about Joe Sullivan, Uber's former Chief Security Officer, who we found out was "charged with obstruction of justice and concealment of a felony for his role in the attempted coverup of a 2016 hack that exposed the data of 57 million Uber customers and drivers."

Use of the word "attempted" here is pretty generous. A year after Sullivan was hired at Uber, the company got hacked hard: the October 2016 intrusion exposed personal information of 57 million users and leaked the license numbers of 600,000 drivers. "Uber didn't report the breach to anyone, especially not victims or regulators," I wrote when I summed it up for Engadget. "The company paid $100K to the hackers in hush money (as if that actually works) and concealed the payment in an expense column called bug bounty."

That's right: Sullivan and his team -- with the full knowledge and blessing of Travis Kalanick -- had the bright idea bribing the hackers with Bitcoin and NDAs, pretending it was a bug bounty, and then when Uber's new CEO Dara Khosrowshahi took over, Sullivan and his cohorts repeated the "bug bounty" lie to Khosrowshahi. [...]

What's also fun to think about is that Sullivan use to work with Mat Henley running their previous employer's security ops: Facebook, where Sullivan worked from 2009-2015. I mean, what are a couple (dozen) felonies between friends? [...]

Look, we know that Silicon Valley is an engine powered by white collar crime (emphasis on the white). But it gets even more awkward when we find out that after Sullivan's absolute poo-flinging shitshow at Uber, he was hired by... Cloudflare.

Previously, previously, previously, previously, previously.

Tags: , , ,

3 Responses:

  1. James Napolitano says:

    Before pandaemic uber drivers here were doing their best to enhance the uber experience, airport to destinations,their were too many drivers,how they got signed up to drive is beyond me,one driver commented "nobody's minding the storyline a couple of years i,ve seen,many ways the rideshare companies have prospered by our professionalism, not easy driving on island,now pandemic here xl drivers like myself have been out since march,another lockdown starting tonight,the u.s.a. has a contagion problem our island too together we must protect each other at theses times and let yesterday go give aloha now ,was gonna rant on something bottom line we need to take care of one another and stop the spread that's what's important now!God bless to everyone everywhere aloha

  2. MattyJ says:

    The article doesn't even mention that at the time the 2016 hack happened, Sullivan was preparing sworn testimony to the FTC regarding a separate security breach from 2014. The final statement on that was given to the FTC 10 days after the 2016 hack. So it's not like reporting obligations were not in the forefront if his mind at the time.

  • Previously