Uber Archives - Cyber Security Minute

Joe Sullivan: What’s a Breach? ‘It’s a Complicated Question’

Issued by: DataBreach Today

Trick question for CSOs: When does a security incident qualify as being a data breach, triggering notification or other regulatory rules? The answer is that it’s “a very complicated question” that cybersecurity leaders should leave to their legal team while they stay fully in the loop, said former Uber CSO Joe Sullivan, sharing lessons learned…

Malware & Threats

UK Teen Arrested Over Rockstar Games, Uber Hacks

Issued by: Security Week

Both companies have confirmed being breached. Uber admitted that a hacker used compromised employee credentials to access internal tools, but downplayed impact, insisting that development systems, user accounts, and sensitive information were not accessed. In the case of Rockstar, the hacker leaked videos recorded during the development of the upcoming Grand Theft Auto (GTA) 6…

Application Security

Uber Updates Bug Bounty Program

Issued by: Security Week

Uber last week updated the legal terms of its bug bounty program and provided guidance for good faith vulnerability research. The changes come just months after the ride-sharing giant admitted paying a couple of individuals as part of an effort to cover up a massive security incident. Uber says it has addressed nearly 200 flaws for…

Application Security

Uber in Legal Crosshairs Over Hack Cover-up

Issued by: Security Week

Two US states on Wednesday confirmed they are investigating Uber’s cover-up of a hack at the ride-sharing giant that compromised the personal information of 57 million users and drivers. Uber purportedly paid data thieves $100,000 to destroy the swiped information — and remained quiet about the breach for a year. That decision evidently came despite…