“(F)ederal prosecutors alleged that in an attempt to cover up the security violation, (then Uber security executive Joe) Sullivan had ‘instructed his team to keep knowledge of the 2016 Breach tightly controlled’ and to treat the incident as part of the bug bounty program.”