So his crime was actually lying to Fed
If he'd said nothing, he'd be ok. Like Martha Stewart.
As Uber's chief security officer, Joe Sullivan broke the law by hushing up the theft of millions of people's details from the app maker's databases by hackers, prosecutors say. Sullivan, 52, formerly of eBay, Facebook, and PayPal, was today charged with obstruction of justice and misprision – concealing knowledge of a crime …
Actually, "Uber settled with the FTC and agreed to audits of its privacy and security systems every two years for the next two decades. The company also paid $148 million penalty to settle lawsuits brought by all 50 states and the District of Columbia."
See https://thehill.com/policy/technology/512968-doj-charges-former-uber-executive-with-attempting-to-conceal-2016-hack for more details.
We should be happy finally a senior manager is being legally taken to task over their conduct after finding out about a breach.Perhaps it will encourage the appropriate response and oh I don't know responsibility that comes with the inflated pay cheque.
It's likely that the management culture is in many ways just as guilty but you can't change that without changing the management mindset of each individual involved. If they think they are PERSONALLY on the hook for these sorts of shenanigans, it's far less likely to happen.