Uber taps Facebook's Joe Sullivan as new chief security officer

While ensuring the physical safety of its clients has garnered possibly the most attention, patching up data security has also been pushed to the top of Uber's agenda.
Written by Rachel King, Contributor

Uber has been on damage control over the last few months, from battling the legality of its business in multiple foreign markets to downplaying the often brash comments made by company leadership.

While ensuring the actual physical safety of its clients has garnered possibly the most wide scale attention, patching up data security has also been pushed to the top of the agenda.

The ride-hailing service announced the hiring of Joe Sullivan as its new chief security officer.

Sullivan has been serving in the same role over at Facebook, meaning he should be no stranger to overseeing the data management plans for billions of users across multiple markets worldwide.

During a whiteboard session at the social network's Silicon Valley headquarters last year, Sullivan opined about how ensuring the security of a company's global user base starts with improving the security culture and dialogue within said company itself.

Prior to Facebook, Sullivan spent several years at eBay and PayPal as well as eight years with the Department of Justice while prosecuting cybercrime.

At Uber, Sullivan will be tasked with spearheading cybersecurity and safety efforts on a data infrastructure supporting millions of trips per day across 300 cities in 56 countries.

As this momentum seemingly never stops growing, Uber CEO Travis Kalanick insisted in a blog post that Uber is no longer simply "just an app" but a critical part of the infrastructure of cities.

"It's no longer about traditional metrics for safe transportation or keeping our community's data private and secure, but about how we lead efforts to redefine and strengthen physical and data security in the location-based world," Kalanick continued. "We see opportunities ahead not just in technology, through biometrics and driver monitoring, but in the potential for inspiring collaborations with city and state governments around the world."

Sullivan already has his work cut out for him in shoring up Uber data security for users and drivers alike.

In February, the San Francisco-headquartered company revealed its databases had been compromised last year, then waiting several months before alerting impacted drivers.

Uber discovered the "one-time" incident of unauthorized accident in September 2014, although the breach was said to have taken place last May, according to a memo.

An investigation discovered "a small percentage" of current and former Uber driver data (including names and driver's license numbers) were stored in the database that was compromised.

That small percentage consisted of roughly 50,000 drivers across multiple states.

Editorial standards