Do you need this or any other assignment done for you from scratch?
We have qualified writers to help you.
We assure you a quality paper that is 100% free from plagiarism and AI.
You can choose either format of your choice ( Apa, Mla, Havard, Chicago, or any other)
NB: We do not resell your papers. Upon ordering, we do an original paper exclusively for you.
NB: All your data is kept safe from the public.
The former Chief Security Officer (CSO) for Uber Technologies Inc., Joe Sullivan, received an anonymous email on the 14th of November 2016. The unidentified source claimed to be hackers warning they had gained access to the organization’s database. The hackers threatened exposure to the breach and requested compensation, promising in return that the stolen data would be destroyed (Conger, 2020).
An investigation ensued the next day, on the 15th of November 2016, and investigators substantiated the unnamed sender’s claims of a breach. The culprits exploited Uber’s security vulnerabilities and captured a staggering amount of confidential information (Sharwood, 2016). The documentation gathered by the hackers contained the names and contact details of over 50 million Uber customers globally as well as 7 million employees (Newcomer, 2017).
Uber’s database was compromised through security exploitation, the hackers stole credentials from a third-party cloud storage system they used, known as ‘GitHub’, and then proceeded to download the archived files (Sharwood, 2016). Following this, crime-as-a-service was carried out as they attempted to extort the company for a reported ‘six-figure sum’ (Lydia, 2019).
On the same day, it was uncovered that the claims of a breach were genuine, Joe Sullivan (CSO) and former Uber Chief Executive Officer Travis Kalanick relayed messages to each other regarding a ‘sensitive matter’ (Sharwood, 2016). Subsequently, on the 8th of December 2016, a transfer of one hundred thousand dollars in bitcoin was authorized through a ‘bug bounty program, proving the hackers successful in their extortion attempts (Wright, 2019).
Weeks later in January 2017, Uber officials met up with the two hackers and discovered their identity. However, instead of reporting the criminals to the authorities, it was requested that Brandon Charles Glover and Vasile Mereacre sign confidentiality agreements (United States Department of Justice, 2019).
The details surrounding this crime would remain a secret until Uber’s CEO Travis Kalanick made the decision to resign in June 2017. His successor, Dara Khosrowshah, would go on to fire Joe Sullivan (CSO) for the breach cover-up and publically expose his wrongdoings in an open letter in August 2017 (Conger, 2020).
As a direct result of this, Uber was charged in violation of Section 5(a) of the Federal Trade Commission Act, 15 U.S.C. § 45(a) for ‘unfair or deceptive acts or practices in or affecting commerce’ (Federal Trade Commission, Plaintiff, v. Uber Technologies Inc., a California corporation, Defendant., 2018). The company decided to settle legal inquiries throughout all 50 states of the US for $148,000,000 and agreed to 20 years of private audits (Moon, 2022). Uber also paid fines of £385,000 and (600,000) in the Netherlands (Cimpanu, 2022).
Joe Sullivan himself was charged with obstruction of justice and misprison of a felony. An additional charge of wire fraud was added to his list of indictments in December 2021 (United States Department of Justice, 2019). He is yet to be sentenced for his alleged crimes and is currently the Chief Security Officer of Cloudfare Inc.
In October 2019, Glover and Mereacre pleaded guilty to charges of extortion conspiracy in federal court (United States Department of Justice, 2019). They were later charged with further offenses in relation to another cybercrime in which they attempted to extort further funds from Lyndas.com and LinkedIn (Cimpanu, 2022). Glover and Mereacre have since been released on bond awaiting their sentence (United States Department of Justice, 2019).
To conclude, Uber’s reaction to this data breach and its response to the hacker’s demands minimized this serious case of cybercrime by overshadowing it with corporate misconduct. The initial response to pay the hackers was a blatant attempt to conceal the incident and deceive their regulators and customers.
As well as this, their actions would validate the media’s already negative perception of the company at the time. After President Trump introduced the ‘travel ban’ in January 2017, taxi drivers began to strike at JFK Airport in New York (Sisson, 2017). Uber in turn reduced their charges, resulting in a rise in fares and subsequently profit. Hundreds of thousands of customers deleted the transportation app in response to what people construed as unethical corporate greed, resulting in huge losses for the company (Leskin, 2019).
Therefore, while the financial burden of settlement fees may not be earth-shattering for a corporate giant like Uber, the reputational damage is costly, which paradoxically is what they tried to protect in the first place with their deceptive cover-up.
Do you need this or any other assignment done for you from scratch?
We have qualified writers to help you.
We assure you a quality paper that is 100% free from plagiarism and AI.
You can choose either format of your choice ( Apa, Mla, Havard, Chicago, or any other)
NB: We do not resell your papers. Upon ordering, we do an original paper exclusively for you.
NB: All your data is kept safe from the public.