Uber sees employee data leaked following cyberattack

A hacking forum has four new topics purporting to contain newly leaked corporate data from Uber and Uber Eats. The company has confirmed a...

A hacking forum has four new topics purporting to contain newly leaked corporate data from Uber and Uber Eats.

The company has confirmed a breach, revealing to BleepingComputer that data, including source code for mobile device management platforms (MDMs), IT asset management reports, data destruction reports, Windows Active Directory information, e-mail addresses, and “other corporate information” was stolen via a breach to an Amazon Web Services (AWS) server belonging to asset management and tracking service company Teqtivity.

The true extent of the breach is as yet unknown, but one document alone seen by BleepingComputer is stuffed with data for over 77,000 employees - although security researchers have confirmed that this particular breach should not affect customers.

Uber’s security woes

The incident is the third known breach to leak Uber personal data in recent years. 

In July 2022, TechRadar Pro reported that Uber confessed to covering up a “major” data breach that occurred in 2016 that led to customer data, including passwords, being leaked online, putting them at risk of identity theft

That leak was, however, uncovered well before then, resulting in a £385,000 fine from the UK’s Information Commissioner’s Office (ICO) in 2018.

In September 2022, the company confirmed that another data breach that affected customers, made possible by vulnerabilities to its critical endpoints,  had occurred that month. It later admitted that hacking collective Lapsus$ had gained access to its HackerOne dashboard, which provides insights into an organization’s digital security.

Forum posts relating to the December breach do reference at least one individual member of Lapsus$. However, Uber maintains that the September and December breaches are unrelated.

“We believe these files are related to an incident at a third-party vendor and are unrelated to our security incident in September. Based on our initial review of the information available, the code is not owned by Uber; however, we are continuing to look into this matter,” it said, while also claiming that it has not seen malicious or unusual activity on its own systems.

Nevertheless, the latest breach raises concerns around the continued reliance on cloud services offered by only a select number of companies, such as Amazon, despite security and outage concerns.

Uber employees are advised to be extra vigilant on the lookout for social engineering scams, such as phishing attacks, from threat actors looking to capitalise on the breach.

from TechRadar - All the latest technology news https://ift.tt/YU9RP0I



Apps,3858,Business,151,Camera,1155,Earn $$$,3,Gadgets,1741,Games,926,GTA,1,Innovations,3,Mobile,1697,Paid Promotions,5,Promotions,5,Sports,1,Technology,8106,Trailers,796,Travel,37,Trending,4,Trendly News,25335,TrendlyNews,84,Video,5,XIAOMI,13,YouTube - 9to5Google,83,
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews: Uber sees employee data leaked following cyberattack
Uber sees employee data leaked following cyberattack
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share. STEP 2: Click the link you shared to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy