Security & Fraud

Hackers Plead Guilty For Charging Uber To Delete Stolen Data

Uber and LinkedIn targeted

Two hackers pleaded guilty Wednesday (Oct. 30) in federal court on charges that they hacked both Uber and LinkedIn, and then extorted the companies in exchange for deleting the stolen information.

The defendants, Brandon Glover, of Florida, and Vasile Mereacre, of Toronto, Canada, have been released on bond, and are due to be sentenced in March. They have been accused of stealing 57 million Uber user records, including customer and driver data, from Amazon Web Services in November 2016. After three weeks of negotiating, the ride share giant paid the men $100,000 in bitcoin through a third party. Uber then discovered the identity of the hackers, eventually meeting up with both Glover and Mereacre and demanding they sign confidentiality agreements.

Then in December 2016, the men demanded money from LinkedIn’s Lynda.com to delete more than 90,000 stolen records. That communication was cut off one month later when the company started working to identify the hackers.

Glover and Mereacre were able to access the confidential corporate databases on AWS using stolen credentials.

“We’re dealing with the most sophisticated cyber actors in the world,” FBI Special Agent in Charge John F. Bennett said in a statement. “In order to take on those people on the front lines of the cybersecurity battle, we rely heavily on our valued relationships and open dialogue with private sector companies in cyber industries. Their willingness to speedily report intrusions to our investigators allows us to find and arrest those who commit data breaches.”

The men were each charged with one count of conspiracy to commit extortion involving computers, and are facing up to five years in prison and a $250,000 fine.

Uber declined to comment on the court case. A LinkedIn representative said in a statement: “We appreciate the ongoing work by the US Attorney’s office to pursue and bring to justice those responsible for the 2016 breach of Lynda user information. We’re glad to see the resolution of this investigation.”

——————————–

Latest Insights:

Our data and analytics team has developed a number of creative methodologies and frameworks that measure and benchmark the innovation that’s reshaping the payments and commerce ecosystem. In the November 2019 AML/KYC Report, Zillow’s Justin Farris tells PYMNTS how the platform incorporates stringent authentication without making the onboarding and buying experiences too complex.

TRENDING RIGHT NOW