Uber admitted the data leak in 2016 and reached a non prosecution agreement with FTC
On July 24, Uber officially admitted its responsibility for concealing the data leakage of 57million passengers and drivers in 2016. In 2016, Uber was attacked by hackers. At that time, the personal information of 57million passengers and drivers was stolen by hackers.
After the incident, Joseph Sullivan, the former security director of Uber, tried to hide it. The United States federal judge said on Tuesday that Sullivan must face charges of telecommunications fraud.
At the same time, he also deceived passengers, drivers and FTC. Sullivan retorted that the prosecutor accused him of concealing the hacking incident, saying that his purpose was to prevent the driver from escaping and let the driver continue to pay the service fee, but there was no tangible evidence for such accusations. San Francisco District Judge William Orrick clearly disagreed.
Not only that, Sullivan also believed that the CEO and general counsel of Uber at that time, not the driver, were deceived, and the judge did not agree with this. Orick said that although Sullivan’s false statement did not face the driver directly, it was only part of a larger deception plan, which targeted the driver. Prosecutors claimed that Sullivan paid hackers bitcoin as a sealing fee, worth about $100000. He also asked hackers to sign confidentiality agreements, saying they did not steal data.
After learning about the data leak, the current CEO of Uber, Dara khosrowshahi, dismissed Sullivan. In September 2018, Uber paid US $148million to settle claims with 50 states and Washington DC. The plaintiff believed that Uber disclosed information too slowly. According to Reuters, the company reached a non prosecution agreement with the Federal Trade Commission (FTC). As part of the agreement, Uber admitted that it did not notify the agency of the cyber attack. In addition, the company also agreed to cooperate with the prosecution of Joe Sullivan, the former chief security officer.
Sullivan was fired by the company shortly after the incident was exposed. The company disclosed the details of data disclosure for the first time in 2017. Instead of sharing the information it knows with the government and users, the company paid $100000 to hackers to delete the information and remain silent. “None of this should happen, and I won’t make excuses for it,” said Dara khosrowshahi, then chief executive of Uber, at the time of the disclosure. This is what McKinsey said when it first proposed the arrival of the era of big data.
Nowadays, most enterprises enjoy the dividends brought by big data, but few enterprises think about whether the enterprise information data is really safe enough and whether the could data security is ensured? Will it not be stolen or illegally used by people with ulterior motives?
In today’s digital world, we tend to regard privacy issues as new issues, but they are obviously not. Although the word “privacy” itself is a relatively new word, it has embodied its modern meaning as early as the early 19th century, so it is as old as history. Today, computers can recognize everyone as the local police recognized their neighbors a hundred years ago. The policeman who used to stand on a street corner has now become a policeman standing on all street corners. In addition, the memory of computers is nearly endless, and they will contact all other policemen in time. Of course, they can also quickly obtain the tax records that were kept in the filing cabinet in the basement of the municipal building in the past. Moreover, they occasionally become broken mouthed, willing to share all kinds of information with people and even criminals, and sometimes even share information without knowing it.
Through different means, all walks of life can collect users’ personal information and other content for integrated use, provide users with more accurate services, and even predict user behavior, portraits, etc. with the help of data. After the integration of these data, they have become important enterprise information, which can help enterprises make decisions, transformation and so on. With Vinchin Backup & Recovery, you can also easily build an offsite disaster recovery (DR) center by duplicating XenServer backups at the primary site to a remote site or external storage.