Two hackers, Brandon Charles Glover (26) of Florida and Vasile Mereacre (23) of Toronto have pleaded guilty of blackmailing Uber, Linkedin and some other US corporation for money to delete the data of millions of customers they had stolen in 2016.
Confidential corporate data is downloaded
In a courthouse in San Jose, hackers admitted that they downloaded the confidential corporate data from Amazon Web Services using stolen credentials. According to the press release published by the US Justice Department, the hackers contacted the companies to report the security flaws and demanded money in exchange to delete the data. Hackers have been released on bond and they are set to face a maximum of 5 years in prison and a $250,000 fine.
The hacker duo stole downloaded sensitive information of 57 million Uber riders and drivers. Uber paid the hackers $100,000 in bitcoins to cover up the breach. Uber also keep the data breach incident as a secret from the US Federal Trade Commission (FTC) until 2017, when it became public. Back in 2016, FTC was investigating another attack made against the Uber.
The Indictment revealed that Linkedin was also blackmailed by the hackers in December of 2016. According to the indictment, over 90,000 users’ records were stolen, including their credit card information, from the databases of Linkedin’s subsidiary Lynda.com.