He wanted to conceal it but all the same, the truth came out. Ex Chief Security Officer who worked for Uber made everything possible to hide the crime that occurred in 2016 when hackers got access to sensitive data of the company. At that time cybercriminals received personal information of approximately 600,000 drivers working for the company. Besides, sensitive data of 57 million customers of the company also was at the disposal of hackers. But instead of applying to police Joseph Sullivan (CSO)decided to pay the criminals who contacted him by email and demanded six-figure amount for their silence. And the company paid to them in Bitcoin through the bug search program. Ex executive demanded non-disclosure agreement in his turn and this is a rather funny detail taking into account that he didn’t know their real names. Still, the agreement was concluded with false information in it.
However, in 2017 the company decided to reveal the details of that hack relying on their principles of transparency. The police conducted an investigation, as a result of which two hackers were pleaded guilty. However, former CSO was also accused. His guilt was obstruction of justice and attempt to cover up the data breach of sensitive information. By the way, silence of security executive let the cybercriminals continue their attacks that brought to data breaches in other companies as well. He should have reported the crime then. Now Joseph Sullivan faces the charge and can spend about 5 years in prison for obstruction of justice and three years for unwillingness to report the crime.