Reuters reports on the 20-year-old Florida man who was responsible for Uber's data breach. The company then paid the man $100,000 to destroy the information he collected. Uber made the payment through its bug bounty service as a way to confirm the identity of the person behind the cyberattack compromising 57 million users and to ensure the data was ultimately destroyed. Following the payment, Uber conducted a forensic analysis to confirm the data was removed from the hacker’s machine and made him sign a nondisclosure agreement. Former HackerOne Executive Katie Moussouris criticized Uber, saying the use of a bug bounty program does not allow the company to bypass data breach notification laws.
If you want to comment on this post, you need to login.