Following a data breach at learning platform Lynda in 2016, two hackers were indicted in Florida this month on charges of extortion and hacking. One alleged hacker lived in Florida, while the other was a Canadian citizen who was a Toronto resident, according to reports.
The two individuals allegedly were able to get a hold of thousands of user accounts. They then reportedly emailed LinkedIn, which is the parent organization of Lynda, as well as HackerOne, the cybersecurity program the company uses. After a representative of LinkedIn replied to their email and suggested they join HackerOne, the hackers allegedly said, “keep in mind, we expect a big payment, as this was hard work for us.”
According to the reports, the allegations are similar to those of a reported data breach at Uber. In that case, not many details had emerged until Uber’s chief information security officer said at a Senate Commerce Committee hearing that the two hackers in its breach were from Canada and Florida.
Last November, Uber was hit by the revelation that hackers stole the personal data of 57 million customers and drivers more than one year prior – and that its chief security officer hid the breach and paid hackers $100,000 to delete the stolen information.
According to news from Bloomberg, compromised data from the October 2016 cyberattack included the names, email addresses and phone numbers of 50 million Uber riders around the world. The personal information of about seven million drivers was also breached, including some 600,000 U.S. drivers’ license numbers. The ridesharing company said that no Social Security numbers, credit card information, trip location details or other data were taken.
Uber Chief Executive Dara Khosrowshahi said in an emailed statement at the time, according to Bloomberg, “None of this should have happened, and I will not make excuses for it. We are changing the way we do business.”