Tag: guilty | Page 3

Former Uber security officer found guilty of hiding major hack from regulators

October 25, 2022/in Computer Security

An Uber executive was found guilty of paying off hackers to hide a major data breach from the Federal Trade Commission.

A federal jury found Joseph Sullivan, the former chief security officer at Uber, guilty of obstructing the FTC from investigating a 2016 hack of the ride-sharing platform.

“Sullivan affirmatively worked to hide the data breach from the Federal Trade Commission and took steps to prevent the hackers from being caught,” said U.S. Attorney Stephanie Hinds in a press release. “We will not tolerate concealment of important information from the public by corporate executives more interested in protecting their reputation and that of their employers than in protecting users. Where such conduct violates the federal law, it will be prosecuted.”

GOOGLE ANNOUNCES PIXEL 7 AND FIRST-EVER SMARTWATCH

“The message in today’s guilty verdict is clear: companies storing their customers’ data have a responsibility to protect that data and do the right thing when breaches occur,” said FBI special agent Robert Tripp. “The FBI and our government partners will not allow rogue technology company executives to put American consumers’ personal information at risk for their own gain.”

Sullivan’s lawyers pushed back on the verdict. “Mr Sullivan’s sole focus — in this incident and throughout his distinguished career — has been ensuring the safety of people’s personal data on the internet,” said David Angeli, who represented Sullivan in court, according to Computing.

Sullivan was prosecuted over his role in a 2016 breach in which the data of 50 million users and seven million drivers was exposed, including names, email addresses, and phone numbers. Sullivan had only been on the job for a few months and assisted with an FTC investigation into a 2014 hack. However, the CSO attempted to hide the existence of the 2016 hack, telling employees that the information around it had to be “tightly controlled,” and paid the hackers $100,000 in bitcoin in exchange for them to sign non-disclosure agreements to not publicly speak about the security breach.

Uber fired Sullivan…

Source…

Ex-Uber chief security officer found guilty of covering up 2016 data breach

October 7, 2022/in Computer Security

SAN FRANCISCO – The ex-chief security officer of Uber Technologies Inc. has been convicted of covering up a 2016 data breach involving 57 million of the San Francisco-based ride-hailing company’s users, according to the U.S. Attorney’s Office.

A jury on Wednesday found Joseph Sullivan guilty of obstruction of justice and misprision of felony, or having knowledge that a federal felony was committed and taking steps to conceal that crime, prosecutors said in a statement. He faces up to five years for the obstruction charge and up to three years for the misprision charge.

According to the U.S. Attorney’s Office, Sullivan was hired as Uber’s chief security officer in April 2015. The company at the time had recently disclosed to the Federal Trade Commission that it had been the victim of a data breach in 2014. The breach related to the unauthorized access of 50,000 customers’ personal information.

The FTC subsequently opened an investigation into Uber’s data security program and practices. In May 2015, a month after Sullivan was hired, the federal agency served the company with a demand for information about any other instances of unauthorized access to user personal information, as well as information regarding its broader data security program and practices.

Prosecutors said Sullivan played a key role in Uber’s response to the FTC – he supervised its responses to the agency, participated in a presentation to the regulators in March 2016 and testified under oath on Nov. 6, 2016, regarding the company’s practices.

Ten days after he testified, Sullivan learned that Uber had been hacked again. The hackers reached out to Sullivan directly via email on Nov. 14, 2016, and informed him and others at the company that they had stolen user data, according to the U.S. Attorney’s Office. The hackers also reportedly demanded a ransom to delete that data.

All told, the breach involved 57 million Uber users and 600,000 driver license numbers.

Prosecutors said Sullivan did not report the new data breach to the FTC, other authorities or users; he instead arranged to pay off the hackers in exchange for them signing non-disclosure agreements in which they promised not to reveal…

Source…

Former Uber security chief guilty of data breach coverup

October 6, 2022/in Computer Security

SAN FRANCISCO – The former chief security officer for Uber was convicted Wednesday of trying to cover up a 2016 data breach in which hackers accessed tens of millions of customer records from the ride-hailing service.

A federal jury in San Francisco convicted Joseph Sullivan of obstructing justice and concealing knowledge that a federal felony had been committed, federal prosecutors said.

Sullivan remains free on bond pending sentencing and could face a total of eight years in prison on the two charges when he is sentenced, prosecutors said.

“Technology companies in the Northern District of California collect and store vast amounts of data from users,” U.S. Attorney Stephanie M. Hinds said in a statement. “We will not tolerate concealment of important information from the public by corporate executives more interested in protecting their reputation and that of their employers than in protecting users.”

It was believed to be the first criminal prosecution of a company executive over a data breach.

A lawyer for Sullivan, David Angeli, took issue with the verdict.

“Mr. Sullivan’s sole focus — in this incident and throughout his distinguished career — has been ensuring the safety of people’s personal data on the internet,” Angeli told the New York Times.

An email to Uber seeking comment on the conviction wasn’t immediately returned.

Sullivan was hired as Uber’s chief security officer in 2015. In November 2016, Sullivan was emailed by hackers, and employees quickly confirmed that they had stolen records on about 57 million users and also 600,000 driver’s license numbers, prosecutors said.

After learning of the breach, Sullivan began a scheme to hide it from the public and the Federal Trade Commission, which had been investigating a smaller 2014 hack, authorities said.

According to the U.S. attorney’s office, Sullivan told subordinates that “the story outside of the security group was to be that ‘this investigation does not exist,'” and arranged to pay the hackers $100,000 in bitcoin in exchange for them signing non-disclosure agreements promising not to reveal the hack. He also never mentioned the breach to Uber lawyers who were involved with the FTC’s inquiry,…

Source…

Alleged GTA 6 hacker pleads not guilty to computer misuse, remains detained by police

September 28, 2022/in Computer Security

❘ Published: 2022-09-28T07:15:00

❘ Updated: 2022-09-28T06:47:32

The teenager suspected to be behind the recent GTA 6 leaks has pleaded not guilty to the hacking charges, and is now being held in a youth crime detention center.

According to Eurogamer, the 17-year-old who is suspected to be behind the GTA 6 hack has pleaded not guilty to the charges. The City of London Police’s Cyber Crime Unit spoke to Eurogamer about the situation at hand.

City of London detective inspector Michael O’Sullivan issued a statement to the outlet, confirming that he had appeared in court over the past weekend.

“The 17-year-old who appeared at Highbury Corner Youth Court on 24th September has pleaded guilty to breaching his bail conditions and not guilty to computer misuse.” O’Sullivan then revealed that following the court hearing, “the teenager has been remanded to a youth detention center.”

Prosecutor Valerie Benjamin said in court that the suspect had used a phone to hack into companies and was “holding them to ransom” to gain access to illegally obtained software, Bloomberg Law reports. The suspect was charged with two counts of break of bail conditions as well as two counts of computer misuse.

The judge referred the case to a higher court where it’ll be heard with a “similar” matter at a later date. On Sunday, September 18, one of the biggest leaks in gaming history took place, with Rockstar Games’ upcoming Grand Theft Auto 6 title having over 90 videos and images shared online – including detailed footage of the game.

On the evening of Thursday 22 September 2022, the City of London Police arrested a 17-year-old in Oxfordshire on suspicion of hacking, as part of an investigation supported by the @NCA_UK’s National Cyber Crime Unit (NCCU). He remains in police custody. pic.twitter.com/Zfa3OlDR6J

— City of London Police (@CityPolice) September 23, 2022

On Thursday, September 22, the suspected hacker was arrested by the City of London police. Since the incident took place, Rockstar has addressed the security breach, confirming that the leaked footage was real and voicing how “extremely disappointed” the dev team is “to have any…

Source…

Tag Archive for: guilty