One Article Review
| Source |  Schneier on Security |
|---|---|
| Identifiant | 8397666 |
| Date de publication | 2023-10-19 11:08:36 (vue: 2023-10-19 12:07:10) |
| Titre | L'ancien Uber Ciso faisant appel de sa conviction Former Uber CISO Appealing His Conviction |
| Texte | Joe Sullivan, PDG d'Uber & # 8217; lors de leur violation de données 2016, est attrayant Sa conviction.
Les procureurs ont inculpé Sullivan, qu'Uber a embauché comme CISO après la violation de 2014, de retenir des informations sur l'incident de 2016 de la FTC, alors même que ses enquêteurs examinaient les pratiques de sécurité et de confidentialité des données de l'entreprise.Le gouvernement a fait valoir que Sullivan aurait dû informer la FTC de l'incident de 2016, mais a plutôt fait tout son possible pour leur cacher.
Les procureurs ont également accusé Sullivan d'avoir tenté de cacher la violation elle-même en payant 100 000 $ pour acheter le silence des deux pirates derrière le compromis.Sullivan avait caractérisé le paiement comme une prime de bogue similaire à celle que d'autres sociétés font régulièrement aux chercheurs qui leur rapportent des vulnérabilités et d'autres problèmes de sécurité.Ses avocats ont souligné que Sullivan avait effectué le paiement avec la pleine connaissance et la bénédiction de Travis Kalanick, PDG d'Uber à l'époque, et d'autres membres de l'équipe juridique du géant du géant du conducteur ...
Joe Sullivan, Uber’s CEO during their 2016 data breach, is appealing his conviction. Prosecutors charged Sullivan, whom Uber hired as CISO after the 2014 breach, of withholding information about the 2016 incident from the FTC even as its investigators were scrutinizing the company’s data security and privacy practices. The government argued that Sullivan should have informed the FTC of the 2016 incident, but instead went out of his way to conceal it from them. Prosecutors also accused Sullivan of attempting to conceal the breach itself by paying $100,000 to buy the silence of the two hackers behind the compromise. Sullivan had characterized the payment as a bug bounty similar to ones that other companies routinely make to researchers who report vulnerabilities and other security issues to them. His lawyers pointed out that Sullivan had made the payment with the full knowledge and blessing of Travis Kalanick, Uber’s CEO at the time, and other members of the ride-sharing giant’s legal team... |
| Envoyé | Oui |
| Condensat | $100 000 2014 2016 about accused after also appealing argued attempting behind blessing bounty breach bug but buy ceo characterized charged ciso companies company’s compromise conceal conviction data during even former from ftc full giant’s government hackers had have hired his incident information informed instead investigators issues its itself joe kalanick knowledge lawyers legal made make members ones other out paying payment pointed practices privacy prosecutors report researchers ride routinely scrutinizing security sharing should silence similar sullivan team them time travis two uber uber’s vulnerabilities way went who whom withholding |
| Tags | Vulnerability |
| Stories | Uber |
| Notes | ★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.