The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: uber data breach

Two Hackers Who Extorted Money From Uber and LinkedIn Plead Guilty

Two Hackers Who Extorted Money From Uber and LinkedIn Plead Guilty

October 31, 2019Mohit Kumar
Two grey hat hackers have pleaded guilty to blackmailing Uber , LinkedIn, and other U.S. corporations for money in exchange for promises to delete data of millions of customers they had stolen in late 2016. In a San Jose courthouse in California on Wednesday, Brandon Charles Glover (26) of Florida and Vasile Mereacre (23) of Toronto admitted they accessed and downloaded confidential corporate databases on Amazon Web Services using stolen credentials. After downloading the data, the duo contacted affected companies to report security vulnerabilities and demanded money in exchange for the deletion of the data, according to a press release published by the US Justice Department. "I was able to access backups upon backups, me and my team would like a huge reward for this," the hackers said to the victim company in an email. "Please keep in mind, we expect a big payment as this was hard work for us, we already helped a big corp which paid close to 7 digits, all
Uber Paid 20-Year-Old Florida Hacker $100,000 to Keep Data Breach Secret

Uber Paid 20-Year-Old Florida Hacker $100,000 to Keep Data Breach Secret

December 06, 2017Swati Khandelwal
Last year, Uber received an email from an anonymous person demanding money in exchange for the stolen user database. It turns out that a 20-year-old Florida man, with the help of another, breached Uber's system last year and was paid a huge amount by the company to destroy the data and keep the incident secret. Just last week, Uber announced that a massive data breach in October 2016 exposed personal data of 57 million customers and drivers and that it paid two hackers $100,000 in ransom to destroy the information. However, the ride-hailing company did not disclose identities or any information about the hackers or how it paid them. Now, two unknown sources familiar with the incident have told Reuters that Uber paid a Florida man through HackerOne platform, a service that helps companies to host their bug bounty and vulnerability disclosure program. So far, the identity of the Florida man was unable to be obtained or another person who helped him carry out the hack.
Imgur—Popular Image Sharing Site Was Hacked In 2014; Passwords Compromised

Imgur—Popular Image Sharing Site Was Hacked In 2014; Passwords Compromised

November 25, 2017Swati Khandelwal
Only after a few days of Uber admitting last year's data breach of 57 million customers , the popular image sharing site disclosed that it had suffered a major data breach in 2014 that compromised email addresses and passwords of 1.7 million user accounts. In a blog post published on Friday, Imgur claimed that the company had been notified of a three-year-old data breach on November 23 when a security researcher emailed the company after being sent the stolen data. Imgur Chief Operating Officer (COO) then alerted the company's founder and the Vice President of Engineering to the issue before began working to validate that the data belonged to Imgur users. After completing the data validation, the company confirmed Friday morning that the 2014 data breach impacted approximately 1.7 million Imgur user accounts (a small fraction of its 150 million user base) and that the compromised information included only email addresses and passwords. Since Imgur has never asked fo
After Getting Hacked, Uber Paid Hackers $100,000 to Keep Data Breach Secret

After Getting Hacked, Uber Paid Hackers $100,000 to Keep Data Breach Secret

November 22, 2017Mohit Kumar
Uber is in headlines once again—this time for concealing last year's data breach that exposed personal data of 57 million customers and drivers. On Tuesday, Uber announced that the company suffered a massive data breach in October 2016 that exposed names, e-mail addresses and phone numbers of 57 million Uber riders and drivers along with driver license numbers of around 600,000 drivers. However, instead of disclosing the breach, the company paid $100,000 in ransom to the two hackers who had access to the data in exchange for keeping the incident secret and deleting the information, according to a report published by Bloomberg. Uber said none of its own systems were breached, rather two individuals outside the company inappropriately accessed and downloaded 57 million Uber riders' and drivers' data that was stored on a third-party cloud-based service. The cyberattack exposed the names and driver license numbers of some 600,000 drivers in the United States, and t
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.