Uber Secretly Paid A Twenty-Year-Old Kid $100,000 To Cover Up Its Data Breach

Uber

Source -  A 20-year-old Florida man was responsible for the large data breach at Uber Technologies Inc last year and was paid by Uber to destroy the data through a so-called “bug bounty” program normally used to identify small code vulnerabilities, three people familiar with the events have told Reuters.

Uber announced on Nov. 21 that the personal data of 57 million passengers and 600,000 drivers were stolen in a breach that occurred in October 2016, and that it paid the hacker $100,000 to destroy the information. But the company did not reveal any information about the hacker or how it paid him the money.

Uber spokesman Matt Kallman declined to comment on the matter. It remains unclear who made the final decision to authorize the payment to the hacker and to keep the breach secret, though the sources said then-CEO Travis Kalanick was aware of the breach and bug bounty payment in November of last year.

One source described the hacker as “living with his mom in a small home trying to help pay the bills,” adding that members of Uber’s security team did not want to pursue prosecution of an individual who did not appear to pose a further threat.

Is it too late for me to get into hacking? I feel like it’s one of those things that you need to start from a young age. But it doesn’t mean I’m not going to try. I just need to find someone to give a lesson. So if anyone reading this knows about it, hit me up.

At any rate, what a wild story. A hundred-billion-dollar company being held hostage by a twenty-year-old kid living in his mom’s basement. He stole fifty-seven-million people’s information with the click of a mouse and had the balls to demand a ransom. Good for him. Most guys his age who need to help out with the bills get a job cutting grass. The craziest part is that Uber actually paid. They were so embarrassed that they sent him money through a “bug bounty” program. Which is designed to anonymously reward hackers who point out flaws in their software. Considering typical payments are in the five-to-ten thousand range, he made out like a  bandit.

Don’t get me wrong, I’m happy they paid him I just wish it never leaked. Because now everyone’s going to be gunning for them to try and get a check. And I don’t want to have to worry about some little punk running my credit card every time I call a car. I wouldn’t be surprised if these kinds of breaches become more common given how fluent young people are in technology. Every time I go out to eat I see a two-year-old banging away on an iPad. At least nothing bad came out of this one. Hopefully we can say the same for the next.