Former Uber CSO sentenced to probation for data breach cover-up

Share post:

Former Uber Technologies chief security officer (CSO) Joseph Sullivan was sentenced to probation Thursday for trying to cover up a 2016 data breach and theft of tens of millions of customer records, the Associated Press said. 

Convicted last October by a jury of hiding the incident from the U.S. Federal Trade Commission, Sullivan was sentenced to three years’ probation and ordered to pay a fine of US$50,000.

His conviction was the first criminal prosecution of a company official over a data breach.

Bloomberg News reported the San Francisco jury rejected his defence that other executives knew about the coverup and were responsible, convicting him of obstructing a government investigation and concealing the theft of personal data of 50 million customers and 7 million drivers. That included over 800,000 Canadians.

Prosecutors had recommended a sentence of 15 months in federal prison.

“I think that considering the guilty verdict, Judge Orrick’s sentencing of Joe to three years probation and 200 community service hours, was well balanced and appropriate,” commented Avishai Avivi, CISO of SafeBreach. The judge did note that former Uber CEO Travis Kalanick was “just as culpable,” Avivi added. “While I understand some may be disappointed that Mr. Sullivan avoided jail time, Judge Orrick made sure to note that this was that this was an ‘unusual one-off.'” Judge Orrick also noted that if he has a similar case in the future, ‘even if the defendant had the character of Pope Francis, they would be going to prison’  — sending a clear message to the CISO and business community, and confirming to the Justice department that this was a one-off leniency.”

This case should also recognize “that the CISO is a business partner,” Avivi said, “and that partnership should enable the CISO to avoid having to deal with the ethical dilemma Sullivan had to face, and ultimately bear the consequences of his choice.”

The post Former Uber CSO sentenced to probation for data breach cover-up first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

SUBSCRIBE NOW

Related articles

Cyber Security Today, May 24, 2024 – A threat actor leverages Windows BitLocker in ransomware attacks, beware of ORB networks, and more

A threat actor leverages Windows BitLocker in ransomware attacks, beware of ORB networks, and more. Welcome to Cyber Security...

Canada centralizing cybersecurity efforts of federal IT departments

Federal departments and agencies are making only marginal progress in improving their cyber maturity, Ottawa said Wednesday as...

Cyber Security Today, May 22, 2024 – LockBit ransomware gang hits more victims, Fluent Bit servers need to be updated, and more

LockBit ransomware gang hits more victims, Fluent Bit servers need to be updated, and more. Welcome to Cyber Security...

Google criticizes Microsoft’s security practices in new report

Google has publicly criticized Microsoft for a series of security missteps, suggesting that organizations might consider more secure...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways