Uber has hired a new chief security officer, the New York Times reports, filling the role that has remained vacant since Joe Sullivan was fired last year. Sullivan was fired for his role in covering up a data breach that exposed the personal info of around 57 million Uber customers and drivers. Instead of reporting the breach, Uber paid the hackers that stole the information $100,000 to delete the data. Matt Olsen, former general counsel of the National Security Agency and former director of the National Counterterrorism Center, stepped in to help the company structure its security processes following the disclosure and he has now been named as its new chief security officer.
Thrilled to have Matt Olsen on board as #Uber Chief Trust and Security Officer. He has more than earned the respect of our team at all levels while working with us over the last few months - https://t.co/Xxssp1Wa3r— dara khosrowshahi (@dkhos) August 14, 2018
Olsen told the New York Times that his priorities will include increasing transparency and unifying Uber's two security teams. "I think they understand the need to be transparent and ethical, and vigilant in complying not just with the laws and regulations that apply, but the norms and standards that Uber customers and stakeholders expect of the company," he told the publication. He also said that having a solid plan for what to do when faced with a breach as well as having practiced that plan, is an important security measure.
Following the reveal of the covered-up breach, a number of states' attorneys general began investigating Uber's handling of the situation and both Pennsylvania and Washington later filed lawsuits against the company. The FTC also looked into the breach and then amended an earlier settlement Uber had agreed to over allegations that it hadn't adequately protected its customers' data.