Uber hired Sullivan as its first Chief Security Officer (“CSO”) following a data breach in September 2014 related to the unauthorized access of approximately 50,000 consumers' personal information, including their names and drivers' license numbers.
People Also Ask
In early October, the US Department of Justice announced that a verdict had been reached in the case against former Uber CISO Joe Sullivan, finding him guilty of two counts associated with covering up a data breach at the company.
Other controversies involving Uber include various unethical practices such as aggressive lobbying and ignoring and evading local regulations. Many of these were revealed by a leak of documents showing controversial activity between 2013 and 2017 under the leadership of Travis Kalanick.
Uber contends that the Lapsus$ hacking group is responsible for a computer network breach after a hacker broke into its internal systems last week. “They pretty much have full access to Uber,” Sam Curry, a security engineer at Yuga Labs, told The New York Times.
At the time, Uber was not just one of the world's fastest-growing companies - it was one of the most controversial, dogged by court cases, allegations of sexual harassment, and data breach scandals. Eventually shareholders had enough, and Travis Kalanick was forced out in 2017.
Uber being sued over sexual assaultsMore than 20 sexual assault victims across the county are now suing Uber, accusing the rideshare company of failing to implement proper safety checks against drivers.
Least PrivilegeOne strategy used to prevent this sort of breach is to restrict privileges for user and administrator accounts. By implementing the principle of least privilege, an administrator would not have rights to access sensitive production databases within AWS and access the development environment in GitHub.
In September, ridesharing company Uber disclosed that hackers had stolen the personal information of about 57 million customers and drivers. The days following the attack were full of speculation around how the attacker – allegedly a 17 year old – was able to gain access to the systems.
On December 10th, a new trove of Uber data surfaced on Breached forums. This haul of data included personally identifiable information pertaining to 77,000 Uber employees, as well as internal reports and possibly even source code. The data was apparently compromised in an attack on Teqtivity, a third-party vendor.
The Federal Court has ordered ridesharing platform Uber to pay a penalty of $21 million after Uber admitted it had engaged in misleading or deceptive conduct and made false or misleading representations to consumers in its app and on its website, in proceedings brought by the ACCC.
Uber recently agreed to pay $8.4 million to settle a class-action lawsuit with California drivers who claimed they were misclassified as independent contractors, rather than employees. The U.S. District Court in the Northern District of California approved the settlement on July 21.
Serious criminal convictions—including sexual assault, sex crimes against children, murder/homicide, terrorism, human trafficking, and kidnapping—at any time in the driver or delivery person's history. Any serious criminal charges that are still pending. Multiple moving violations or accidents in the last 3 years.
Legal action from taxi companiesTaxi companies sued Uber in numerous American cities, alleging that Uber's policy of violating taxi regulations was a form of unfair competition or a violation of antitrust law.
Three former workers have launched employment tribunal claims in the United Kingdom against Uber, accusing the company of unfair dismissal after its facial recognition system failed to identify them.
Nearly three years after driving an Uber around Kalamazoo, Michigan, and randomly shooting and killing six people, Jason Dalton was sentenced Tuesday to life in prison without parole.
They found private authentication information that Uber engineers had accidentally exposed publicly on GitHub, a site many engineers and companies use to store code and track projects. The attack began when hackers got their hands on Uber user data stored on an Amazon server.
What happened, exactly? Hackers breached 57 million Uber users' and drivers' accounts and demanded $100,000 to delete their copy of the stolen data. This includes names, phone numbers, email addresses and more than 600,000 US drivers' licence numbers.
Kidnappings involving ride-hailing services are not unprecedented. In 2019, a college student was killed in Columbia, S.C., after she got into a car she mistook for her Uber.