A prominent cyber security researcher in the Australian Information Security community has been charged for a data breach at a well known Australian car sharing service, GoGet, while also potentially compromising the personal information of the company’s customers.
Nik Cubrilovic, 37, was arrested on suspicion, and after investigation appeared in Wollongong Local Court.
Nik was charged with two counts for accessing customer database and getting free rides from GoGet without authorization. According to the claim, he had an intention to commit serious indictable offences including 33 counts of take and drive conveyance without the owner’s consent .
It was also confirmed in a statement by GoGet that these unauthorized activities were identified last year in June. According to him, it was just to have fun with his girlfriend and the total expenditure on these would’ve been around $3,000.
Tristan Sender, GoGet CEO, said that the company had immediately launched a full scale internal investigation, while reporting the matter directly to the cyber crime division of the New South Wales Police.
The New South Wales Police claims that the culprit breached the GoGet systems on more than 30 occasions during May and July of previous year.
The well known Australian Infosec community member previously made headlines for reporting vulnerabilities found in Facebook in 2011. Moreover, he also helped the government’s MyGov site in 2014.
He was granted bail under strict conditions that include not accessing the internet, not getting in touch with GoGet customers or employees, reporting to authorities thrice a week, and submitting his documents to the authorities.
GoGet informed their customers of the breach recently, and promised to strengthen their system.
The company explained that it had chosen to hold off, notifying customers about the breach due to police advice as such a move might have forced the hacker to leak data.
