December 12, 2023 at 09:28AM
Former Uber CISO Joe Sullivan disclosed details of the 2016 data breach at Black Hat Europe, reflecting on his firing and legal issues. The breach compromised 57 million accounts, and a $100,000 payment to attackers was considered a bug bounty. Sullivan emphasizes the importance of personal protections for security professionals and advises on preparing for potential fallout from a breach.
Key takeaways from the meeting notes:
1. Former Uber CISO Joe Sullivan shared new details about the 2016 data breach at Black Hat Europe.
2. Sullivan avoided listening to webinars and programs that featured themes about “how to avoid turning out like Joe.”
3. The Uber breach involved the theft of 57 million user and driver accounts, leading to felony charges and his firing from Uber.
4. Sullivan was charged with obstruction of justice and misprision of a felony related to the breach and payment to the attackers.
5. Sullivan promoted responsible disclosure policies and noted the importance of personal protections for security professionals in preparation for potential fallout from a data breach.
6. His experience has led other security professionals to seek his advice regarding the CISO role and career risks.
These are the key points distilled from the meeting notes. Let me know if you need further details or any additional information.