Many are current or former members of Uber’s security team, who defended their actions as a prime example of how executives should respond to security problems. The New York Times also obtained more than two dozen internal Uber emails and documents related to the incident. Uber’s security team used nicknames for hackers, particularly the colorful, anonymous ones who engaged with the company. “It’s very disappointing to be finding this vulnerability in such way,” the hacker wrote in an email to Rob Fletcher, Uber’s product security engineering manager. Mr. Fletcher also pushed the hacker to take payment through HackerOne, which requires bounty recipients to disclose their real identities for tax requirements.

Source: New York Times January 12, 2018 23:31 UTC