Uber Suffers Data Breach, Sensitive Data Leaked Online

New Uber Data Breach – Hacker Leaks Employee and Other Sensitive Data

Another day, another data breach at Uber – This time around, a hacker has leaked stolen data on a prominent cybercrime and hacking forum.

Another day, another data breach at Uber. This time, one of the world’s leading ride-sharing platforms has suffered yet another security incident, after which hackers posted sensitive employee information and internal corporate data.

It is worth noting that the data has been leaked on BreachForums, which surfaced as an alternative to the now-defunct now-seized Raidforums.

Incident Details

The cyberattack targeting Uber and Uber Eats occurred over the weekend. The news was first broken by RestorePrivacy on Saturday morning when a hacker with the username UberLeaks started leaking data stolen from the company on a popular data leak platform.

The hacker created four different topics to post the alleged data. This includes Uber MDM at uberhub.uberinternal.com, Uber Eats MDM, and third-party platforms Teqtivity MDM and TripActions MDM. However, in a statement to Hackread.com, TripActions denied maintaining an MDM.

Following investigations by both TripActions and Teqtivity, it has been determined that no TripActions data was exposed as part of this security incident nor were TripActions customers impacted as part of this security incident. TripActions does not maintain an MDM. We will continue to monitor the situation.”

TripActions
Uber Suffers Data Breach, Sensitive Data Leaked Online
Image source: Waqas – Hackread.com

On the other hand, Teqtivity has published a breach notification statement in which the company has acknowledged that a malicious third party accessed its system.

We are aware of customer data that was compromised due to unauthorized access to our systems by a malicious third party. The third party was able to gain access to our Teqtivity AWS backup server that housed Teqtivity code and data files related to Teqtivity customers

Teqtivity

What Data Was Leaked?

Hackread.com has seen the data and it can be confirmed that it contains several archives, including the source code linked with mobile device management platforms that Uber Eats and Uber both use, along with third-party vendor services.

The leaked data also includes data destruction reports, IT asset management reports, Windows domain login names, and email IDs, apart from corporate info. The Windows Active Director information and email IDs category contained over 77,000 records of Uber employees.

It is possible that this data doesn’t belong to the September breach because the files are unrelated to that incident, and Uber doesn’t own the code. Though Uber users don’t need to feel scared by this data breach, the company’s employees should be worried as they could become a target of phishing attacks.

Uber Suffers Data Breach, Sensitive Data Leaked Online
Screengrab source: Waqas – Hackread.com

Who Could be the Perpetrator?

Each of the four data leak category titles refers to a Lapsus$ hacking group member, also known for high-profile cyberattacks on Samsung, Nvidia, Microsoft, and Ubisoft. It is suspected that the same hacking group has targeted Uber because Lapsus$ had already attacked Uber in September and managed to access its internal network and Slack server.

  1. Hundreds of Uber Eats User records leaked on Dark Web
  2. Uber Hacker Targets Rockstar Games, Leaks Trove of GTA 6 Data
  3. Uber Rival Careem Hacked, 14 million customer & driver data stolen
Related Posts