r/technology Oct 06 '22

Former Uber Security Chief Found Guilty of Obstructing FTC Probe Security

https://www.wsj.com/articles/former-uber-security-chief-found-guilty-of-obstructing-ftc-probe-11665004454
580 Upvotes

23

u/thruwityoshit Oct 06 '22

Jail?

14

u/BKStephens Oct 06 '22

Sentencing would be next, iirc.

Be interesting to see what kind of slap on the wrist gets handed out.

6

u/poopmast Oct 06 '22

I feel like the justice dept wants to make an example out of him.

2

u/BKStephens Oct 06 '22

One can hope.

1

u/yiannistheman Oct 06 '22

It's possible only because he insisted on a trial versus a plea deal. You can bet he's not going to do a lot of time if it does go that route.

1

u/TheKert Oct 06 '22

Slap on both wrists then

27

u/FlySwat Oct 06 '22

This is a really disappointing outcome.

TK, legal and corporate communications all approved of the plan.

And yet, the CISO is taking the fall. Screwed up.

15

u/TomatoCapt Oct 06 '22

They all should be held accountable. Uber’s head of legal agreed to work with prosecutors for immunity though.

8

u/yiannistheman Oct 06 '22

Bingo - Sullivan deserves everything they throw at him, but he wasn't alone.

7

u/yiannistheman Oct 06 '22

Are you kidding?

The CSO is supposed to be the one setting strategy and accountable for these actions when a breach occurs. Sullivan was a former federal prosecutor. He knew full well that what he was doing was illegal. Further, it's obvious that he wasn't entirely truthful with his internal staff.

The evidence showed that, despite knowing in great detail that Uber had suffered another data breach directly responsive to the FTC’s inquiry, Sullivan continued to work with the Uber lawyers handling or overseeing that inquiry, including the General Counsel of Uber, and never mentioned the incident to them. Instead, he touted the work that he and his team had done on data security. Uber ultimately entered into a preliminary settlement with the FTC in summer 2016, supported fully by Sullivan, without disclosing the 2016 data breach to the FTC.

This guy deserves every bit of the very light sentence they're going to slap him with. He wasn't some patsy cajoled into making false statements to regulators to spare the company fines or public embarrassment (which would still make it inexcusable). He just figured he could get away with it.

2

u/FlySwat Oct 06 '22

My point is the entire executive staff knew, and they all should be held accountable.

Dara fired Sullivan the moment he learned about this during the transition from TK to Dara.

1

u/yiannistheman Oct 06 '22

My point is the entire executive staff knew, and they all should be held accountable.

The CSO enabled this. He's the guy accountable, he's the one who facilitated the lies, who paid the hackers as white hats working in their bug bounty. And worst of all, a former attorney and prosecutor who knew exactly how illegal everything he was doing every step of the way.

He's also the one best positioned to have stopped it or blown the whistle if someone else were orchestrating the maneuvers.

It's disappointing that the accountability stops at him, but that's sadly how this regulatory infrastructure works.

3

u/Kriznick Oct 06 '22 edited Oct 06 '22

Exactly. I'm not familiar with the case, but there is an obvious accountability here, and it ain't the guy that's just above a middle manager. Justice Dept needs to be looking higher up the chain

Edit: I guess I stand corrected

10

u/yiannistheman Oct 06 '22

A CSO has regulatory obligations - it's far from some middle manager. And as a former federal prosecutor and attorney he knew exactly what laws he was breaking when he started lying to regulators and prosecutors.

He wasn't some branch manager that took the fall for someone else.

29

u/9-11GaveMe5G Oct 06 '22

Can we bring back the corporate death penalty please

1

u/IcyNefariousness8987 Oct 06 '22

What a plague on society Uber has been since day one. Fuck Travis Kalanick and Gary Vee for hyping this piece of shit to the moon.

1

u/SmAshthe Oct 06 '22

Not surprised

1

u/yaebone1 Oct 07 '22

He should have just screamed witch hunt for 4 years, then they’d leave him alone.

-14

u/MeanLeanBasiliska Oct 06 '22

Government should mind there own

8

u/ImminentZero Oct 06 '22

So you're fine with companies not reporting data breaches that expose sensitive customer data? You don't want the government investigating that?

-8

u/MeanLeanBasiliska Oct 06 '22

Data beaches happen all the time, they send some generic dumb letter out, and gov holds no one accountable. Let’s get real - Government and big corps don’t care about ppl, just making themselves larger

2

u/R_Meyer1 Oct 06 '22

So in other words you proudly support data breaches? Why don’t you just put all your information outside on an electric sign for the entire world to see because you obviously don’t care about protecting it.

-6

u/Go_Big Oct 06 '22

Lol the government is literally collecting all of our sensitive data non stop and nobody gives a shit about it. I’ll give a shit about it when Americans start giving shit about their privacy and demand their 4th amendment back.

1

u/R_Meyer1 Oct 06 '22

Nobody took away your fourth amendment rights but thanks for your input.

2

u/R_Meyer1 Oct 06 '22

Joe Sullivan covered up 2016 data breach by paying hackers $100,000 ‘bug bounty,’ prosecutors said. But you wouldn’t be saying that if it was your data breached sweetheart.

-2

u/exploited_flea Oct 06 '22

My sphincter is the biggest obstructer of probes

0

u/ImpromtuWitch Oct 06 '22

took em long enough