Joseph Sullivan, the former security chief of Uber, is due to appear in court for concealing a major hack at the company in 2016, the U.S. Justice Department reported Thursday.
The hack stole the names, email addresses and cell phone numbers of 57 million Uber customers and drivers. Driving license data of 600,000 Uber drivers also ended up on the street.
Sullivan was Uber’s chief of security from April 2015 to November 2017. He is suspected of hiding the hack from the US Federal Trade Commission (FTC). Rather than reporting the leak, he would have been the one who paid the perpetrators $ 100,000 in bitcoins to keep the hack under wraps.
He can be jailed for up to five years for impeding the investigation. He can be sentenced to up to three years in prison for covering up evidence. Sullivan’s attorney says there is no basis for the claim. He calls Sullivan “a respected cybersecurity expert”.
“Without him and his efforts, the individuals responsible for this attack would never have been identified,” the lawyer said. Sullivan and his team, he said, “worked closely” with various departments at Uber and acted by the rules.
Sullivan was fired from Uber in 2017 when CEO Dara Khosrowshahi found out how he allegedly acted.
The investigation into the 2016 hack has not yet been completed. Uber is working on this together with the US Department of Justice.