Former Uber CSO sentenced to probation for data breach cover-up

Share post:

Former Uber Technologies chief security officer (CSO) Joseph Sullivan was sentenced to probation Thursday for trying to cover up a 2016 data breach and theft of tens of millions of customer records, the Associated Press said. 

Convicted last October by a jury of hiding the incident from the U.S. Federal Trade Commission, Sullivan was sentenced to three years’ probation and ordered to pay a fine of US$50,000.

His conviction was the first criminal prosecution of a company official over a data breach.

Bloomberg News reported the San Francisco jury rejected his defence that other executives knew about the coverup and were responsible, convicting him of obstructing a government investigation and concealing the theft of personal data of 50 million customers and 7 million drivers. That included over 800,000 Canadians.

Prosecutors had recommended a sentence of 15 months in federal prison.

“I think that considering the guilty verdict, Judge Orrick’s sentencing of Joe to three years probation and 200 community service hours, was well balanced and appropriate,” commented Avishai Avivi, CISO of SafeBreach. The judge did note that former Uber CEO Travis Kalanick was “just as culpable,” Avivi added. “While I understand some may be disappointed that Mr. Sullivan avoided jail time, Judge Orrick made sure to note that this was that this was an ‘unusual one-off.'” Judge Orrick also noted that if he has a similar case in the future, ‘even if the defendant had the character of Pope Francis, they would be going to prison’  — sending a clear message to the CISO and business community, and confirming to the Justice department that this was a one-off leniency.”

This case should also recognize “that the CISO is a business partner,” Avivi said, “and that partnership should enable the CISO to avoid having to deal with the ethical dilemma Sullivan had to face, and ultimately bear the consequences of his choice.”

The post Former Uber CSO sentenced to probation for data breach cover-up first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

SUBSCRIBE NOW

Related articles

Russian State-Backed Cyber Attack Exploits Zero-Day Vulnerabilities in Windows and Firefox

Headline: A sophisticated cyberattack leveraging two chained zero-day vulnerabilities in Mozilla Firefox and Microsoft Windows has been confirmed by...

Canada’s Competition Bureau Sues Google, Demands Sale of Ad Tech Services

  The Competition Bureau has filed a lawsuit against Google, accusing the tech giant of anticompetitive practices in its...

You Don’t Own Your Social Media Accounts (According to Elon Musk’s X Corp Lawsuit)

In a rare legal move, X Corp (formerly Twitter) has filed an objection to the inclusion of InfoWars'...

Starbucks Forced to Pay Baristas Manually After Ransomware Attack

A ransomware attack on Blue Yonder, a third-party scheduling software provider, has disrupted Starbucks’ ability to manage employee...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways