Answered step by step
Verified Expert Solution
Question
1 Approved Answer
Review each case from the following standpoints: a ) Governance, security planning, policies and procedures b ) Ethical, legal and security aspects c ) User
Review each case from the following standpoints:
a Governance, security planning, policies and procedures
b Ethical, legal and security aspects
c User engagement
d Business management
e Integration among departments and groups
Breach : Uber
In late attackers used a password obtained in an unrelated data breach to gain access to an Uber engineers personal GitHub account. From this account, the attackers were able to access one of Ubers internal repositories, which contained a private key used to access Ubers datastores. These datastores contained unencrypted personal information for approximately million Uber drivers and riders. The attackers downloaded copies of this private user information violating the informations confidentiality. The attackers then contacted Uber, informed them that they had compromised Ubers databases, and demanded a ransom to delete the stolen data.
Uber was contacted by the attackers on November th and Uber chose to pay the ransom. Uber had the attackers sign nondisclosure agreements regarding the stolen information.
What Uber did not do however, was disclose the breach. Uber was also under investigation at the time for a different breach that occurred in Uber didnt disclose the breach until November following the appointment of a new CEO. In addition to being highly unethical, Ubers failure to disclose the breach was also illegal. In addition to the $ ransom, Uber paid $ million as part of the settlement.
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started