Senators grill Uber CISO over 2016 breach, extortion incident
Senators rebuked Uber on Tuesday during a Senate Commerce subcommittee hearing over the company’s handling of the data breach it disclosed in November 2017, with one lawmaker calling the company’s decision to wait a year before publicly disclosing it “morally wrong and legally reprehensible.” Uber’s actions “violated not only the law but the norm of what should be expected,” said Sen. Richard Blumenthal, D-Conn., the subcommittee’s ranking member said. Uber revealed in November 2017 it paid $100,000 to delete data of 57 million users worldwide that was maliciously obtained by Florida-based hackers. The data included names, email addresses and phone numbers, and in some cases, encrypted passwords and driver’s license numbers. While Uber says that the hackers acted maliciously, the company paid them through HackerOne, which hosts Uber’s bug bounty program – a way for ethical hackers to receive payouts for informing companies about vulnerabilities. During the hearing, the lawmakers questioned Uber’s chief […]
The post Senators grill Uber CISO over 2016 breach, extortion incident appeared first on Cyberscoop.
Continue reading Senators grill Uber CISO over 2016 breach, extortion incident