A 20-year-old Florida man who lives with his mother was responsible for a breach of 57 million Uber users’ details last year, according to a new report.
Three people familiar with the incident told Reuters that the controversial ride hailing service made the $100,000 payment to hush up the breach through its bug bounty program, run by HackerOne.
However, that sum is at least 10-times greater than the usual payments that would be made through the program.
Uber is said to have made the payment in order to confirm the identity of the hacker — which is still unknown — and remarkably have him sign a non-disclosure agreement (NDA) to prevent future raids.
The hacker’s PC was apparently also analyzed by Uber to confirm all the data had been deleted. However, there will still be question marks over the validity of an NDA struck with a cyber-criminal, and whether or not the individual