How Uber Hid a Breach of 57 Million People episode artwork

EPISODE · Jun 12, 2026 · 20 MIN

How Uber Hid a Breach of 57 Million People

from Zero Day Logs · host ZDL

On November 14, 2016, two hackers told Uber they had the personal records of57 million users and drivers. What Uber did next wasn't a breach response — itwas a cover-up: a $100,000 payment disguised as a bug-bounty reward, false NDAs,and a year of silence while a binding FTC order required disclosure. The breachitself was fixable. The concealment became the first criminal conviction of achief security officer.(0:00) The hackers make contact(0:40) The break-in: reused passwords to 57M records(6:45) Disguising the ransom as a bug bounty(10:40) The FTC order that made silence a crime(13:27) The first criminal conviction of a CSO(17:05) The four controls that were missingFree one-page technical breakdown (timeline, attack path, the four missingcontrols): https://zerodaylogs.comSources: U.S. FTC enforcement action and expanded consent decree; New YorkAttorney General settlement; U.S. DOJ charging documents and trial record,United States v. Sullivan; U.S. SEC filings.Zero Day Logs — the real anatomy of security breaches. Measured, sourced,no hype. https://zerodaylogs.com

On November 14, 2016, two hackers told Uber they had the personal records of 57 million users and drivers. What Uber did next wasn't a breach response — it was a cover-up: a $100,000 payment disguised as a bug-bounty reward, false NDAs, and a year of silence while a binding FTC order required disclosure. The breach itself was fixable. The concealment became the first criminal conviction of a chief security officer. (0:00) The hackers make contact (0:40) The break-in: reused passwords to 57M ...

NOW PLAYING

How Uber Hid a Breach of 57 Million People

0:00 20:24

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Frequently Asked Questions

How long is this episode of Zero Day Logs?

This episode is 20 minutes long.

When was this Zero Day Logs episode published?

This episode was published on June 12, 2026.

What is this episode about?

On November 14, 2016, two hackers told Uber they had the personal records of57 million users and drivers. What Uber did next wasn't a breach response — itwas a cover-up: a $100,000 payment disguised as a bug-bounty reward, false NDAs,and a year of...

Can I download this Zero Day Logs episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!