Florida man, 20, responsible for Uber hack

Angelica Greene
December 8, 2017

But the company did not reveal any information about the hacker or how it paid him the money.

Reuters reports that a 20-year-old man from Florida was behind the data breach last year that saw the information of 57 million Uber users and drivers exposed.

The unnamed hacker was paid $100,000 by Uber to destroy all the data he'd nicked back in October 2016, according to sources talking to Reuters, and was paid by the ride-hailing company through a "bug bounty" program. HackerOne doesn't manage Uber's program.

Digging further into the issue, Uber disguised the payment as a bug bounty - despite paying more than 10 times the typical rate for the discovery of such a bug - and ran the payment through a company called HackerOne, which is used by a number of other tech companies for similar (legit) programs. But the company did not reveal who the hacker was or how the payment was made. Such a high payment would be "extremely unusual" and would represent an all-time record, according to one former HackerOne executive cited in the report.

The allegation will make life more hard for Uber CEO Dara Khosrowshahi, who had only became aware of the breach recently, as he had only joined the company in August.

Bug bounty programs are typically used to reward security researchers for finding vulnerabilities or flaws in software.

Starbucks to Open Biggest Cafe in the World in Shanghai
Shanghai's newest Starbucks also sells beer and wine, including a craft beer made from Kenya, Colombia and Guatemala coffees. The chocolate chunk with almond cookies look especially tempting - but at 38RMB, or $5.75 each - they should be.

Instagram to carry abuse warning for koala and tiger selfies
Instagram isn't saying which terms will trigger the flags, though, as it wants users to discover them on their own. Starting today, Instagram is making it harder to find such content.

Spain Drops Arrest Warrant For Ousted Catalan Leader Carles Puigdemont
The statement added the global warrant can not apply because the crimes are alleged to have been committed as part of a wider group.

CEO of HackerOne Marten Mickos commented that he could not talk about the programs of individual customers.

Reuters didn't identify the Florida hacker by name, but a source described him as "living with his mom in a small home trying to help pay the bills".

This all has a distinct whiff of bad practice about it, something which has plagued Uber of late, what with losing its London license and the rather nasty actions of former chief executive Travis Kalanick.

As well as the firing of two security officials, a further three managers in Uber's security department have resigned in the past week as new CEO Khosrowshahi clears house.

Uber is already under fire for not disclosing the hack earlier to authorities and could be hit with stiff financial penalties.

Other reports by GizPress

Discuss This Article