​GoGet 'hacker' case stalled awaiting information from Amazon

Sydney Local Court has heard that Nik Cubrilovic intends to plead not guilty to all charges relating to the alleged access of GoGet's systems.
Written by Asha Barbaschow, Contributor

Entrepreneur and self-proclaimed hacker Nikola Cubrilovic has appeared before Sydney Downing Centre Local Court after earlier this year being accused of accessing the systems of car-sharing service GoGet.

Chief Magistrate Judge G Henson heard on Tuesday that Cubrilovic intends to plead not guilty to all charges; however, no official plea has been made, as the prosecution is yet to serve the brief.

Sergeant Knight told the court that the prosecution is still awaiting information from global tech giant Amazon, as well as "interstate material", before serving the brief.

The prosecution has been given until June 20.

Cubrilovic was initially accused of accessing GoGet's fleet booking system and downloading customer identification information including name, address, email address, phone number, date of birth, driver licence details, employer, emergency contact name and phone number, and GoGet administrative account details.

GoGet's IT team had identified suspected unauthorised activity on its system on June 27, 2017, and immediately conducted a full internal investigation. At the same time, it reached out to police.

Waiting seven months to declare the breach at the "strong advice" of state police, GoGet went public about the incident in January, when Strike Force Artsy detectives, assisted by the Public Order and Riot Squad, simultaneously executed a search warrant at a home where they seized computers, laptops, and electronic storage devices.

Cubrilovic was arrested in January and charged on the spot by NSW Police on two counts of unauthorised access, modification, or impairment with intent to commit serious indictable offence, and 33 counts of take and drive conveyance without consent of owner for allegedly breaching GoGet's systems.

He was at the time granted bail after appearing before Wollongong Local Court, where it was alleged the information he obtained was used to access vehicles without consent on 33 occasions between May and July 2017.

Bail was granted on several conditions, including that he have no access to the internet, report daily to police, and surrender his passport.

Cubrilovic became prominent in the security community in 2011 after he exposed a Facebook privacy flaw which showed the social media giant was tracking web-browsing activity even after users logged out.

He also founded online storage startup Omnidrive in mid-2004.


GoGet fleet booking system accessed, alleged attacker charged

A man has been charged after allegedly stealing the personal information such as name, address, and driver licence details, from the car-sharing company's database.

Security consultant granted bail after 'hacking' GoGet systems

The self-proclaimed hacker has been denied access to the internet by a NSW court as a condition of his bail, after being accused of accessing the car-sharing company's systems.

Health holds crown as the most breached sector in Australia

The Office of the Australian Information Commissioner has received 63 data breach notifications in first six weeks of the scheme's operation.

Reported breaches not painting complete picture of Australian security landscape

Although 63 data breaches were reported to the Office of the Australian Information Commissioner in less than six weeks, FireEye's Mandiant has warned the figure is higher, but organisations are unsure if their breach fits the brief.

5 ways to build your company's defense against a data breach before it happens (TechRepublic)

Data breaches can be chaotic and stressful episodes. Learn the most effective actions you can take to help plan for these turbulent events.

Editorial standards