Orbitz says hacker stole two years' worth of customer data
Standoff ended, armed man was inside Panera Bread near Princeton University
United Airlines Suspends Pet Cargo Program After Mishaps
UK House Price Inflation Eases Slightly In January
Gasoline Prices Across Green Country On The Rise
Uber paid 20-year-old man to keep data breach secret
07 December 2017, 05:54 | Kelvin Horton
Uber announced personal data of 57 million passengers were stolen in a breach in 2016
A Reuters report citing sources familiar with the matter claims that a 20 year-old from Florida was responsible for Uber's 2016 data breach.
HackerOne subsequently paid the person $100,000 in exchange for erasing the stole Uber data, the sources told Reuters.
Sources familiar with the hack told Reuters the payment was made through a program created to reward bug hunters who report flaws in a company's software.
The allegation will make life more hard for Uber CEO Dara Khosrowshahi, who had only became aware of the breach recently, as he had only joined the company in August. He stepped down as Uber CEO in June and has taken a vow of silence too.
In order to cover the attack up, Uber used its bug bounty service hosted by HackerOne.
Uber declined to pursue criminal charges after determining that the person didn't pose an additional threat and eventually paid the hacker after confirming their identity and making them sign a nondisclosure agreement, Reuters reported.
The most interesting part, which is hacker's description according to a source - "Living with his mom in a small home trying to help pay the bills". "Our recommendation is to never store access tokens, passwords, or other authentication or encryption keys in the code", that company said in a statement. The pilfered data included personal information such as names, email addresses and driver's license numbers, but not Social Security numbers and credit card information, the company said.
Moussouris added that the failure to report the breach was a grievous error: "The creation of a bug bounty program doesn't allow Uber, their bounty service provider or any other company the ability to decide that breach notification laws don't apply to them". The breach occurred in October 2016, but was not revealed until last month.
Sullivan and Clark did not respond to requests for comment.
Last week, three more top managers in Uber's security unit resigned. The bounty program is meant to reward security researchers who bring bugs to the company's attention so that a fix can be put into place.
Mother of man burnt alive wants guilty punished
Internet services have been suspended in parts of the state and people have been urged to stop sharing the video. In a second video, the man is seen justifying the incident to "protect the honour of Hindus against Muslims ".
Nicehash Hacked: $62 Million In Bitcoin Stolen
Another NiceHash user Philip Richardson tweeted: "If I don't get my btc back I will never use your service again". Hackers have plundered a digital currency exchange, stealing millions of pounds worth of customers' Bitcoin .