Uber has hired Joe Sullivan to be its first-ever Chief Security Officer, overseeing the company’s data security, Uber CEO Travis Kalanick announced on Uber’s blog Thursday.
A quick glance at Sullivan’s resume shows why he’s a good fit for the position. He was Facebook’s Chief Security Officer for five years, and previously worked at PayPal and eBay in security. Prior to that he served as a federal prosecutor overseeing cybersecurity and cybercrime cases.
Sullivan’s hire couldn’t come at a better time for Uber.
Uber has faced a couple of major security challenges in recently months. Some Uber users have reported that they’re being charged for rides they didn’t take. Motherboard reports that anonymous third parties have been able to access certain Uber accounts. Since credit cards are automatically linked to your Uber account, these intruders have been able to order rides without the account holder’s permission, according to the report.
This follows a previous report from Motherboard that said Uber credentials are being sold in dark web online marketplaces for as little as $US1 each. While the login credentials are available for purchase on this marketplace, credit card numbers are not listed on the accounts beyond the last four digits.
In addition, Uber accidentally uploaded a sensitive password to code-sharing platform GitHub last year, compromising the personal information of as many as 50,000 Uber drivers.
Uber let users know on its blog in February.
At the end of March, Uber subpoenaed GitHub, so that it could see the names of the users who had access to the since-deleted Github post where the password was inadvertently published.