UK: May narrowly avoids defeat in parliament on EU trade laws
Static inflation puts August rate rise in doubt
Blue Origin Successfully Launches New Shepard Rocket for High-Altitude Emergency Abort Test
Japan, EU eliminating most tariffs in trade deal
Uber paid 20-year-old man to keep data breach secret
07 December 2017, 05:54 | Kelvin Horton
Uber announced personal data of 57 million passengers were stolen in a breach in 2016
A Reuters report citing sources familiar with the matter claims that a 20 year-old from Florida was responsible for Uber's 2016 data breach.
HackerOne subsequently paid the person $100,000 in exchange for erasing the stole Uber data, the sources told Reuters.
Sources familiar with the hack told Reuters the payment was made through a program created to reward bug hunters who report flaws in a company's software.
The allegation will make life more hard for Uber CEO Dara Khosrowshahi, who had only became aware of the breach recently, as he had only joined the company in August. He stepped down as Uber CEO in June and has taken a vow of silence too.
In order to cover the attack up, Uber used its bug bounty service hosted by HackerOne.
Uber declined to pursue criminal charges after determining that the person didn't pose an additional threat and eventually paid the hacker after confirming their identity and making them sign a nondisclosure agreement, Reuters reported.
The most interesting part, which is hacker's description according to a source - "Living with his mom in a small home trying to help pay the bills". "Our recommendation is to never store access tokens, passwords, or other authentication or encryption keys in the code", that company said in a statement. The pilfered data included personal information such as names, email addresses and driver's license numbers, but not Social Security numbers and credit card information, the company said.
Moussouris added that the failure to report the breach was a grievous error: "The creation of a bug bounty program doesn't allow Uber, their bounty service provider or any other company the ability to decide that breach notification laws don't apply to them". The breach occurred in October 2016, but was not revealed until last month.
Sullivan and Clark did not respond to requests for comment.
Last week, three more top managers in Uber's security unit resigned. The bounty program is meant to reward security researchers who bring bugs to the company's attention so that a fix can be put into place.
Light snow, rain chances continue overnight
Wednesday looking colder with lows in the upper 30s and few flurries during the afternoon with no accumulation. Highs today near seasonal hitting the lower 40s but winds will still be gusting at 15-20 miles per hour .
The most expensive painting Da Vinci will appear in UAE
By then the painting was generally reckoned to be the work of a follower of Leonardo and not the work of Leonardo himself. The New York Times reports the mystery buyer was a little-known Saudi prince according to documents it reviewed.
Nicehash Hacked: $62 Million In Bitcoin Stolen
Another NiceHash user Philip Richardson tweeted: "If I don't get my btc back I will never use your service again". Hackers have plundered a digital currency exchange, stealing millions of pounds worth of customers' Bitcoin .