Uber's CSO has been fired, according to a story in The New York Times.
That begs the question — did Uber throw Sullivan under the bus, turning him into a scapegoat for the recently disclosed year-old hack?
Sullivan's reputation may suffer irreparable harm as a result of the high-profile termination, which is receiving widespread media attention.
That may be OK by the ex-CSO if Uber paid him a 6-figure (or, dare anyone speculate, 7-figure) fee to keep quiet (as part of a non-disclosure, severance or some other agreement) — same as they did for the hackers who stole data and were paid $100,000 to destroy it.
On the other hand, Sullivan may be getting exactly what he deserves — if in fact he knowingly violated the law.
California's new data security laws, which require businesses and government agencies to disclose hacks in a timely fashion, went into effect Jan. 1, 2016.