Former NSA Counsel Hired By Uber As New Head Of Security


The New York Times reports that Uber has hired a new chief security officer. It fills the role that has since remained to be vacant since Joe Sullivan was removed from his post in 2017. Sullivan was dismissed from his role after covering up a data breach that exposed the personal information of approximately 57 million customers and drivers of Uber. Instead of reporting the said breach, Uber paid the hackers that hijacked the information with $100,000 to delete the stolen data. Matt Olsen stepped in to help the firm structure its security processes after the disclosure and he has now been selected as the new chief security officer of the company. He is a former general counsel of the National Security Agency and a former director of the National Counterterrorism Center.

Dara Khosrowshahi, the Chief Executive of Uber, said in a tweet: “Thrilled to have Matt Olsen on board as #Uber Chief Trust and Security Officer. He has more than earned the respect of our team at all levels while working with us over the last few months.”

In an interview with the New York Times, Olsen said that his priorities will include improving transparency and unifying the two security teams of Uber.

He stated: “I think they understand the need to be transparent and ethical, and vigilant in complying not just with the laws and regulations that apply, but the norms and standards that Uber customers and stakeholders expect of the company.”

Olsen also said that having a firm plan for what to do whenever he is faced with a breach as well as being able to practice that plan, is an essential security measure.

After the revelation of the covered-up breach, a number of states’ attorneys general started investigating the handling of the situation of Uber. Later, both Washington and Pennsylvania filed lawsuits against the ride-hailing company. The FTC also looked into the said breach and then amended an earlier settlement that Uber had agreed to over allegations that it had not protected the data of its customers adequately.