Florida man, 20, responsible for Uber hack: report

Ride-haling firm paid USD 100,000 to attacker to keep the breach secret and destroy the data

Tags: Cyber crimeUber (www.uber.com/)
  • E-Mail
Florida man, 20, responsible for Uber hack: report Uber concealed the breach that compromised the personal information of 57 million customers and drivers in October 2016. (Getty Images)
By  David Ndichu Published  December 7, 2017

A 20-year-old man living in Florida with his mum was responsible for the massive data breach at Uber that revealed last month, Reuters has reported.

The man was paid $100,000 to destroy the information and keep the breach secret, as well as a pledge not to target the company. Reuters was unable to establish the identity of the hacker or another person who apparently helped him.

Uber announced on Nov. 21 that the personal data of 57 million passengers and 600,000 drivers were stolen in a breach that occurred in October 2016. But the company did not reveal any information about the hacker or how it paid him the money.

The breach led to widespread outrage, as well as the firing of senior IT personnel at the ride-hailing pioneer, including the chief security officer and a deputy.

Uber paid the money through a so-called "bug bounty" program normally used to identify small code vulnerabilities, Reuters reported.

Bug bounty is designed to reward security researchers who report flaws in a company's software. Uber's bug bounty service - as such a program is known in the industry - is hosted by a company called HackerOne, which offers its platform to a number of tech companies.

Experts contend a payment of $100,000 through a bug bounty program would be extremely unusual, where payments are typically in the $5,000 to $10,000 range.

Related: Uber hid stolen customer data by paying off hackers

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code