• About
  • Advertise
  • Careers
  • Contact
Monday, March 20, 2023
No Result
View All Result
NEWSLETTER
Cyber360 News
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
No Result
View All Result
Cyber360 News
No Result
View All Result
Home Data Breach

Two guilty pleas in Uber and Lynda.com hacking case

by Cyber360 News
November 11, 2019
in Data Breach
0
Two guilty pleas in Uber and Lynda.com hacking case
0
SHARES
0
VIEWS
Share on FacebookShare on Twitter

Two men reportedly face a up to five years in prison after pleading guilty in federal court on Wednesday to hacking into Uber’s and Lynda.com’s databases and holding their contents for ransom.

According to reports, Brandon Glover of Winter Springs, Florida and Vasile Mereacre of Toronto, Canada, admitted to hacking into the GitHub accounts of Uber and Lynda.com employees in 2016. These accounts contained credentials for Amazon Web Services, which they used to access AWS servers holding the companies’ precious data.

The Uber breach impacted 57 million customers and drivers, located worldwide, while the breach of Lynda.com, an online learning platform subsidiary of LinkedIn (later rebranded LinkedIn Learning), affected 90,000 customer accounts. In both cases, the defendants in the case attempted to extort a payment from the companies in the guise of a “reward.”

A superseding indictment issued on Oct. 30 by the U.S. Attorney’s Office offered a closer look at the breaches and how the victims responded.

At one point, the defendants sent an email to LinkedIn describing the data they managed to grab. “Before I continue, I would like to say that this does not look good, I was able to access backups upon backups , me and my team would like a huge reward for this, [sic]. The things we found were some of the following, [L]ynda database, email names addresses, usernames, some passwords, payments, we also found backend code and many more.” The email later continues, “Before I continue, I would like to ask that you guys will promise to compensate for this find.”

Lynda.com opted to publicly disclose the breach rather than pay up. Uber, on the other hand agreed to pay the hackers $100,000, and originally kept the incident quiet. According to the superseding indictment, Uber had Glover and Mereacre sign confidentiality agreements stipulating that they would not use the stolen use or publicly expose the breach.

Later, under new leadership, the company on Nov. 22, 2017 publicly owned up to the breach and its subsequent cover-up, and in September 2018 accepted a settlement of a $148 million fine from the Federal Trade Commission for its actions.

“Companies like Uber are the caretakers, not the owners, of customers’ personal information,” said U.S. Attorney Anderson in a press release. “What gets stolen in a computer extortion belongs to your neighbors, not to yourselves. Don’t be so concerned with your image or reputation. Be concerned with the real losses others have suffered. Report the intrusion promptly. Cooperate with law enforcement.”

“We’re dealing with the most sophisticated cyber actors in the world,” said FBI Special Agent in Charge John Bennett in the same release. “In order to take on those people on the front lines of the cybersecurity battle, we rely heavily on our valued relationships and open dialogue with private sector companies in cyber industries. Their willingness to speedily report intrusions to our investigators allows us to find and arrest those who commit data breaches.

Cyber360 News

Cyber360 News

Next Post
Ontario Science Centre’s marking firm hit with breach, 174K affected

Ontario Science Centre’s marking firm hit with breach, 174K affected

Recent Posts

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

October 6, 2021
Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

October 1, 2021
Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

October 1, 2021

Whats New in Kali Linux?

September 14, 2021

Kali Linux 2019.3 Release (CloudFlare, Kali-status, metapackages, Helper-Scripts & LXD)

September 14, 2021

Kali Linux 2021.3 Release (OpenSSL, Kali-Tools, Kali Live VM Support, Kali NetHunter Smartwatch)

September 14, 2021

Kali Linux 2018.4 Release

September 14, 2021

Kali Linux 1.0.5 and Software Defined Radio

September 14, 2021

Kali Tools Website Launched, 1.0.9 Release

September 14, 2021

Kali Linux Dojo at Black Hat Vegas 2016

September 14, 2021

Category

Site Links

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

About Us

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc. Check our landing page for details.

© 2019 Cyber360 News - Powered by WebSensePro

No Result
View All Result
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us

© 2019 Cyber360 News - Powered by WebSensePro

Login to your account below

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In