Updated: May 7
Joseph Sullivan, Uber's former Chief Security Officer, has received a sentence of three years' probation for concealing a cyber-attack from authorities.
Sullivan was found guilty of paying hackers $100,000 after they obtained access to 57 million records of Uber customers which included their names and phone numbers.
Alongside his probation sentence, Sullivan has also been ordered to pay a fine of $50,000 in addition to completing 200 hours of community service. The prosecutors had originally sought a 15-month prison sentence. Sullivan has also been found guilty of obstructing an inquiry from the Federal Trade Commission.
It has been reported by the Wall Street Journal that the judge in the case, William Orrick, reduced his sentence partly due to it being the first case of its kind, but also due to Sullivan's character. Judge Orrick stated: "If there are more, people should expect to spend time in custody, regardless of anything, and I hope everybody here recognizes that."
Sullivan began his role as Uber's chief security officer in 2015. In November 2016, the attackers who targeted Uber emailed Sullivan and demanded a ransom for the data they had obtained, threatening to delete it if their request was not met. Uber confirmed the loss of data, including records of 57 million users and 600,000 driving licence numbers. Sullivan then made arrangements for the hackers to be paid $100,000, in return for the data they had taken.