Published: Fri, December 08, 2017
Industry | By Dora Warner

Uber Used Bug Bounty Cash To Pay Hacker To Keep Quiet

Uber Used Bug Bounty Cash To Pay Hacker To Keep Quiet

The hacker who swiped data from more than 57 million Uber users last year was a 20-year-old Florida man who lives with his mom-and received $100,000 from the ride-share company to keep his breach secret, according to a report on Wednesday. According to the publication's sources, Uber paid the hacker through a program created to reward security researchers reporting flaws in its software, the Uber's bug bounty service, which offers its platform to tech companies. HackerOne's CEO said that he couldn't discuss an individual customer's programs.

The company never provided any information about the hacker or how he was paid. The paid a hacker $100,000 to destroy the information. The hacker was not a part of the program, but found a way into the system and emailed the company demanding money.

Uber responded by paying him $4.5m and his lawyer $3m and then failed to disclose any of the details of the saga to the company suing it - Waymo - despite Waymo being explicitly named in the resignation letter.

Airtel's new 4G pack is 30% cheaper than Reliance Jio
Additionally, customers also take advantage of 100 free SMS per day and unlimited calls (local, STD and national roaming). Not only this, these four telcos have taken data recharge offers to another level, nearly offering 1GB to 3.5 GB per day.


According to two of Reuters' sources, Uber made the payment to confirm the hacker's identity and have him sign a non-disclosure agreement to deter further wrongdoing.

As per the report, Uber also conducted a forensic analysis of hacker's machine to make sure that no traces of data were left behind.

The Uber hack was disclosed last month.

'Today' show dominates in ratings with Lauer firing
Lauer reportedly has not been paid past his last day at work, which was November 28. Today also won the key demo for the week with an average of 1.723 million viewers.


KitGuru Says: The Uber hack was clearly handled poorly, particularly since paying off data thieves encourages others to attempt the same thing. The company also didn't want to pursue prosecution of a man who didn't appear to pose a threat in future.

Dara Khosrowshahi, who replaced Mr Kalanick in August, made details of the leak public, adding: "none of this should have happened, and I will not make excuses for it".

As well as the firing of two security officials, a further three managers in Uber's security department have resigned in the past week as new CEO Khosrowshahi clears house. "We are changing the way we do business, putting integrity at the core of every decision we make and working hard to earn the trust of our customers".

GM Marketplace Lets Drivers Order a Latte From the Dashboard
Now, with the rise of connected vehicles, users have the opportunity to leverage this technology at home and on-the-go. Chamorro says the intent is not to bombard the driver with advertising.


Like this: