Uber Encounters Yet Another Data Breach, Code and Employee Data Leaked This Time

Looks like the tale of Uber and the data breach is going to continue for a while. Just when the popular US-based ride-sharing platform was recovering from its data breach that happened in September 2022, it fell prey to yet another breach on 10th December 2022 and became the talk of the town. The incident came to light when a cybercriminal stole Uber’s confidential data from a third-party company and posted it online.

According to the reports of BleepingComputer, on Saturday morning, the cybercriminal shared multiple posts on a famous hacking forum, BreachForums, the successor forum for the now-shuttered RaidForums. Using a pseudo name that goes by ‘UberLeaks,’ the cybercriminal shared highly sensitive information about Uber.

If we are to believe the claims of UberLeaks, the exposed data includes source codes, IT asset management reports, data destruction reports, Windows domain login names, email addresses, as well as other corporate information from mobile device management (MDM) platforms used by both companies and third-party vendors. UberLeaks apparently made four separate topics based on the platform- Uber MDM, Uber Eats MDM, and the Teqtivity MDM and TripActions MDM, each containing private information of its own, leaking the details of as many as 77,000 Uber employees.

To much surprise, each topic points to a notorious Lapsus$ hacking group member. The group is infamous for launching high-profile attacks on Ubisoft, Samsung, Nvidia, Microsoft, and even Uber in September 2022. To much relief, the stolen data did not contain any information about Uber users.

Paul Bischoff, the privacy advocate at tech research site Comparitech Ltd., said,

“Given that the data is now publicly accessible, as opposed to being sold to a single party, anyone could use it to launch targeted phishing attacks against Uber employees.”

He added, “These attacks could trick Uber staff into giving up login credentials, leading to more consequential attacks. Even if only a handful of employees out of the 77,000 affected were to fall victim to a phishing scam, it could be detrimental to Uber and its customers.”

Responding to the data breach, a spokesperson for Uber put forward a statement:

“Files are related to an incident at a third-party vendor and are unrelated to our security incident in September.”

The security breach that took place in the month of September was a result of a hacker breaching internal systems and accessing key information.

The Co-founder and Chief Technology Officer at real-time cybersecurity readiness company AttackIQ Inc., Stephan Chenette, also commented on the incident. “Besides the high-profile breach that occurred three months ago, which caused the hacking of the company’s internal databases,” he said, “Uber also experienced other significant attacks in the past, including a massive data breach in 2016 that exposed the data of approximately 57 million customers and drivers.” The failed protection of a third-party vendor in the most recent attack reveals that companies everywhere must better prioritize their cybersecurity measures.”

Until now, numerous security breaches have targeted Uber, surpassing the number of incidents. In 2016, the platform witnessed the most infamous data breach exposing the data of 50 million customers and seven million drivers. The news of Uber being breached again has become just another regular news for the readers. Companies have been shut down for much less when it comes to cybersecurity issues. However, the multinational taxi service seems to be getting a free pass.

Erich Kron, security awareness advocate at security awareness training company KnowBe4 Inc. gave his analogy to this whole fiasco. He explained, “Unfortunately, due to historical events, Uber will not only continue to be a target but will also be under a microscope when it comes to security incidents. If this is indeed data collected from a third party, it does serve to remind organizations that any time other parties have access to information, it can potentially be an issue.”

Should the Uber Data Breach Concern You? Our Two Cents

The news of regular data breaches of such high-profile companies, especially the ones that people consider their go-to, might scare you as it shakes your trust, and rightfully so!

Though this time it was only the leak of internal corporate data, it should make you alert and be on your toes all the time. The digital landscape is a vulnerable space, and with hackers lurking around to launch an attack anytime, breaches are, we would say, inevitable. That said, equipping yourself with the best identity theft protection is the best gear against these malicious actors.