In the second half of 2016, LinkedIn’s Lynda.com and Uber were breached and then contacted by the hackers for payment to keep the breach quiet. Two men, Brandon Glover (26) from Florida and Vasile Mereacre (23) from Toronto were identified as the perpetrators when they plead guilty yesterday in a San Jose Courthouse. Amazon Web Services logins were used by the pair to access the Uber and Lynda.com servers and steal private customer information. The companies were contacted by the men, but each chose to handle the situation very differently. LinkedIn, instead of paying out the demand, chose to notify their customers of the breach and engaged in investigations to attempt to identify the attackers. On the other hand, Uber paid out over $100,000 dollars to the hackers and made them sign an NDA in an effort to hide the breach. Uber’s decision to keep the breach secret came to light eventually and gave rise to an FTC investigation in which Uber was ordered to pay $148 million in fines and agree to 20 years of privacy audits.
When evaluating a Managed Detection & Response (MDR) service there are 5 critical components that